6773 matches found
CVE-2024-55565
nanoid aka Nano ID before 5.0.9 mishandles non-integer values. 3.3.8 is also a fixed version...
UBUNTU-CVE-2024-55565
nanoid aka Nano ID before 5.0.9 mishandles non-integer values. 3.3.8 is also a fixed version...
CVE-2024-55565
nanoid aka Nano ID before 5.0.9 mishandles non-integer values. 3.3.8 is also a fixed version...
nanoid security vulnerability
nanoid (Nano ID) is a small, secure, URL-friendly, unique string ID generator for JavaScript by the individual developer Andrey Sitnik. A security vulnerability exists in nanoid versions prior to 5.0.9, which stems from improper handling of non-integer values...
CVE-2024-55565
nanoid aka Nano ID before 5.0.9 mishandles non-integer values. 3.3.8 is also a fixed version...
CVE-2024-55560
MailCleaner before 28d913e has default values of ssh_host_dsa_key, ssh_host_rsa_key, and ssh_host_ed25519_key that persist after installation...
SUSE-SU-2024:4208-1 Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-150600237 fixes several issues. The following security issues were fixed: - CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733). - CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553). - CVE-2024-42133: Bluetooth: Ignore too larg...
CVE-2024-35366
FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parse_options function of sbgdec.c within the libavformat module. When parsing certain options, the software does not adequately validate the input. This allows for negative duration values to be accepted without proper bounds...
CVE-2024-35366
FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parse_options function of sbgdec.c within the libavformat module. When parsing certain options, the software does not adequately validate the input. This allows for negative duration values to be accepted without proper bounds...
CVE-2024-35366
FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parse_options function of sbgdec.c within the libavformat module. When parsing certain options, the software does not adequately validate the input. This allows for negative duration values to be accepted without proper bounds...
CVE-2024-35366
FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parse_options function of sbgdec.c within the libavformat module. When parsing certain options, the software does not adequately validate the input. This allows for negative duration values to be accepted without proper bounds...
CVE-2024-35366
CVE-2024-35366 affects FFmpeg v6.1.1. The vulnerability is in the parse_options function of sbgdec.c in the libavformat module, where certain inputs are not properly validated. This can allow negative duration values to be accepted without bounds checking, leading to an integer overflow and poten...
CVE-2024-35366
FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parse_options function of sbgdec.c within the libavformat module. When parsing certain options, the software does not adequately validate the input. This allows for negative duration values to be accepted without proper bounds...
SUSE CVE-2024-53101
In the Linux kernel, the following vulnerability has been resolved: fs: Fix uninitialized value issue in from_kuid and from_kgid. ocfs2_setattr() uses attr->ia_mode, attr->ia_uid and attr->ia_gid in a trace point even though ATTR_MODE, ATTR_UID and ATTR_GID aren't set. Initialize all fields of newattrs to avoid...
PT-2024-35775 · Taiga · Taiga
Name of the Vulnerable Software and Affected Versions: Taiga version 6.8.1 Description: A CSV injection issue allows attackers to execute arbitrary code via uploading a crafted CSV file. This is achieved by loading a specifically manipulated CSV file, enabling the execution of arbitrary code...
DEBIAN-CVE-2024-53101
In the Linux kernel, the following vulnerability has been resolved: fs: Fix uninitialized value issue in from_kuid and from_kgid. ocfs2_setattr() uses attr->ia_mode, attr->ia_uid and attr->ia_gid in a trace point even though ATTR_MODE, ATTR_UID and ATTR_GID aren't set. Initialize all fields of newattrs to avoid...
UBUNTU-CVE-2024-53101
In the Linux kernel, the following vulnerability has been resolved: fs: Fix uninitialized value issue in from_kuid and from_kgid. ocfs2_setattr() uses attr->ia_mode, attr->ia_uid and attr->ia_gid in a trace point even though ATTR_MODE, ATTR_UID and ATTR_GID aren't set. Initialize all fields of newattrs to avoid...
CVE-2024-53101 fs: Fix uninitialized value issue in from_kuid and from_kgid
In the Linux kernel, the following vulnerability has been resolved: fs: Fix uninitialized value issue in from_kuid and from_kgid. ocfs2_setattr() uses attr->ia_mode, attr->ia_uid and attr->ia_gid in a trace point even though ATTR_MODE, ATTR_UID and ATTR_GID aren't set. Initialize all fields of newattrs to avoid...
GHSA-V7GV-XPGF-6395 Keycloak Build Process Exposes Sensitive Data
A flaw was found in Keycloak. This issue occurs because sensitive runtime values, such as passwords, may be captured during the Keycloak build process and embedded as default values in bytecode, leading to unintended information disclosure. In Keycloak 26, sensitive data specified directly in...
CLSA-2024-1732555093 Fix CVE(s): CVE-2020-27767
SECURITY UPDATE: Undefined behavior due to values outside range in quantum.h - debian/patches/CVE-2020-27767.patch: Fix quantum.h to include float.h to handle min and max values for Quantum type - debian/patches/CVE-2020-27767-1.patch: Fix ClampToQuantum function to handle negative values correct...