5279 matches found
CVE-2024-7254
Any project that parses untrusted Protocol Buffers data containing an arbitrary number of nested groups / series of SGROUP tags can corrupted by exceeding the stack limit i.e. StackOverflow. Parsing nested groups as unknown fields with DiscardUnknownFieldsParser or Java Protobuf Lite parser, or...
DEBIAN-CVE-2024-7254
Any project that parses untrusted Protocol Buffers data containing an arbitrary number of nested groups / series of SGROUP tags can corrupted by exceeding the stack limit i.e. StackOverflow. Parsing nested groups as unknown fields with DiscardUnknownFieldsParser or Java Protobuf Lite parser, or...
UBUNTU-CVE-2024-7254
Any project that parses untrusted Protocol Buffers data containing an arbitrary number of nested groups / series of SGROUP tags can corrupted by exceeding the stack limit i.e. StackOverflow. Parsing nested groups as unknown fields with DiscardUnknownFieldsParser or Java Protobuf Lite parser, or...
Stack-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow via the parsing of nested groups or series of SGROUP tags as unknown fields with DiscardUnknownFieldsParser or Java Protobuf Lite parser, or against Protobuf map fields. An attacker can cause infinite recursi...
CVE-2024-7254
Any project that parses untrusted Protocol Buffers data containing an arbitrary number of nested groups / series of SGROUP tags can corrupted by exceeding the stack limit i.e. StackOverflow. Parsing nested groups as unknown fields with DiscardUnknownFieldsParser or Java Protobuf Lite parser, or...
PT-2024-41010 · Suse · Suse Linux Enterprise 15 Sp5 Azure Kernel
Name of the Vulnerable Software and Affected Versions: SUSE Linux Enterprise 15 SP5 RT kernel affected versions not specified Description: The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. Several non-security bugs were also fixed, including issues relat...
The vulnerability of the H5E_printf_stack() function in the H5Eint.c file of the HDF5 library allows a attacker to disclose protected information.
The vulnerability of the H5Eprintfstack function in the H5Eint.c file of the HDF5 library is related to an uncontrolled recursion. Exploiting this vulnerability could allow a remote attacker to disclose sensitive information that is protected by this function...
Vulnerability in file H5Eint.c of the HDF5 library, which allows a hacker to cause a service failure
The vulnerability in the H5Eint.c file of the HDF5 library is related to an uncontrolled recursion. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the Decoder.Decode function in the Go programming language allows a hacker to trigger a service failure.
The vulnerability of the Decoder.Decode function in the Go programming language is related to an uncontrolled recursion. Exploiting this vulnerability could allow a malicious actor, operating remotely, to cause service failures...
The vulnerability of the Parse function in the Go programming language, which allows a hacker to trigger a service failure
The vulnerability of the Parse function in the Go programming language is related to an uncontrolled recursion. Exploiting this vulnerability could allow a malicious actor, operating remotely, to cause service failures...
The vulnerability of the Parse function in the Go programming language, which allows a hacker to trigger a service failure
The vulnerability of the Parse function in the Go programming language is related to an uncontrolled recursion. Exploiting this vulnerability could allow a malicious actor, operating remotely, to cause service failures...
EulerOS 2.0 SP9 : kernel (EulerOS-SA-2024-2394)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : kernel:ACPI: CPPC: Use accesswidth over bitwidth for system memory accessesCVE-2024-35995 ACPI: LPIT: Avoid u32 multiplication...
Uncontrolled Recursion
Overview std/go/parser is a Go standard library package std/go/parser Affected versions of this package are vulnerable to Uncontrolled Recursion. Go Vulnerability Report: Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack...
Uncontrolled Recursion
Overview std/go/build/constraint is a Go standard library package std/go/build/constraint Affected versions of this package are vulnerable to Uncontrolled Recursion. Go Vulnerability Report: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stac...
SUSE CVE-2024-44996
In the Linux kernel, the following vulnerability has been resolved: vsock: fix recursive -recvmsg calls After a vsock socket has been added to a BPF sockmap, its prot-recvmsg has been replaced with vsockbpfrecvmsg. Thus the following recursiion could happen: vsockbpfrecvmsg - vsockrecvmsg -...
Security Bulletin: Vulnerability in Netty affects watsonx.data
Summary Netty is vulnerable to a denial of service, caused by a StackOverflowError in HAProxyMessageDecoder. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2022-41881 DESCRIPTION: Netty is vulnerable to a denial of service, caused by a StackOverflowError in HAProxyMessageDecoder. B...
DEBIAN-CVE-2024-44996
In the Linux kernel, the following vulnerability has been resolved: vsock: fix recursive -recvmsg calls After a vsock socket has been added to a BPF sockmap, its prot-recvmsg has been replaced with vsockbpfrecvmsg. Thus the following recursiion could happen: vsockbpfrecvmsg - vsockrecvmsg -...
CVE-2024-44996
In the Linux kernel, the following vulnerability has been resolved: vsock: fix recursive -recvmsg calls After a vsock socket has been added to a BPF sockmap, its prot-recvmsg has been replaced with vsockbpfrecvmsg. Thus the following recursiion could happen: vsockbpfrecvmsg - vsockrecvmsg -...
UBUNTU-CVE-2024-44996
In the Linux kernel, the following vulnerability has been resolved: vsock: fix recursive -recvmsg calls After a vsock socket has been added to a BPF sockmap, its prot-recvmsg has been replaced with vsockbpfrecvmsg. Thus the following recursiion could happen: vsockbpfrecvmsg - vsockrecvmsg -...
CVE-2024-44996 vsock: fix recursive ->recvmsg calls
In the Linux kernel, the following vulnerability has been resolved: vsock: fix recursive -recvmsg calls After a vsock socket has been added to a BPF sockmap, its prot-recvmsg has been replaced with vsockbpfrecvmsg. Thus the following recursiion could happen: vsockbpfrecvmsg - vsockrecvmsg -...