CVE-2022-26716

A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution...

CVE-2022-29693

Unicorn Engine v2.0.0-rc7 and below was discovered to contain a memory leak via the function ucclose at /my/unicorn/uc.c...

vdsm: disclosure of sensitive values in log files

A race condition was found in vdsm. Functionality to obfuscate sensitive values in log files that may lead to values being stored in clear text...

F5 BIG-IP iControl Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'F5 BIG-IP iControl RCE via REST Authentication Bypass', 'Description' = %q This module exploits an authentication bypass vulnerability in the F5...

ntfs-3g: Out-of-bounds heap buffer access in ntfs_get_attribute_value() due to incorrect check of bytes_in_use value in MFT records

The ntfs3g package is susceptible to a heap overflow on crafted input. When processing NTFS attributes, proper bounds checking was not enforced leading to this software flaw. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

ntfs-3g: Heap buffer overflow triggered by a specially crafted NTFS inode pathname

The ntfs3g package is susceptible to a heap overflow on crafted input. When processing an NTFS inode pathname, proper bounds checking was not enforced leading to this software flaw. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

[SECURITY] Fedora 35 Update: onionscan-0.2-6.fc35

OnionScan is a free and open source tool for investigating the Dark Web...

httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling

A flaw was found in httpd. The inbound connection is not closed when it fails to discard the request body, which may expose the server to HTTP request smuggling...

CVE-2021-44493

An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS GT.M through V7.0-000. Using crafted input, an attacker can cause a call to $Extract to force an signed integer holding the size of a buffer to take on a large negative number, which is then used as the length of a memcpy call...

golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents

A flaw was found in Go, where it attempts to allocate excessive memory. This issue may cause panic or unrecoverable fatal error if passed inputs with very large exponents. The highest threat from this vulnerability is to system availability...

TIBCO Managed File Transfer Platform Server 代码注入漏洞

TIBCO Managed File Transfer Platform Server is a hosted file transfer platform server from TIBCO USA. A security vulnerability exists in the cfsend, cfrecv, and CyberResp components of TIBCO Managed File Transfer Platform Server for UNIX and TIBCO Managed File Transfer Platform Server for z/Linux...

haproxy: Denial of service via set-cookie2 header

A flaw was found in the way HAProxy processed HTTP responses containing the "Set-Cookie2" header. This flaw could allow an attacker to send crafted HTTP response packets which lead to an infinite loop, eventually resulting in a denial of service condition. The highest threat from this vulnerabili...

httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling

A flaw was found in httpd. The inbound connection is not closed when it fails to discard the request body, which may expose the server to HTTP request smuggling...

numpy: buffer overflow in the PyArray_NewFromDescr_int() in ctors.c

A Buffer Overflow vulnerability exists in NumPy 1.9.x in the PyArrayNewFromDescrint function of ctors.c when specifying arrays of large dimensions over 32 from Python code, which could let a malicious user cause a Denial of Service. NOTE: The vendor does not agree this is a vulneraility; In very...

mariadb: crash in Used_tables_and_const_cache::used_tables_and_const_cache_join

A flaw was found in MariaDB. An issue in the component, Usedtablesandconstcache::usedtablesandconstcachejoin, of the MariaDB Server v10.7 allows attackers to cause a denial of service DoS via specially crafted SQL statements, impacting availability...

Vim has an unspecified vulnerability (CNVD-2022-20153)

Vim is an editor based on the UNIX platform. there is a security vulnerability in Vim and no details of the vulnerability are currently available...

vim buffer overflow vulnerability (CNVD-2022-18519)

Vim is an editor based on the UNIX platform. vim is vulnerable to a buffer overflow vulnerability, which originates from a heap-based buffer overflow. No detailed vulnerability details are currently available...

dotnet: double parser stack buffer overrun

A flaw was found in dotnet, where a buffer overrun exists in the double parse routine, which could lead to remote code execution. This flaw allows an attacker to execute code remotely on the system, leading to some system compromise...

Vim Resource Management Error Vulnerability (CNVD-2022-20100)

Vim is an editor for the UNIX platform. A resource management error vulnerability exists in vim, which can be exploited by an attacker to input a specially crafted file, resulting in a crash or code execution...

unbound: integer overflow in a size calculation in respip/respip.c

A flaw was found in unbound. An integer overflow in ubpackedrrsetkey function may lead to a buffer overflow of the allocated buffer if the size can be controlled by an attacker. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability...