UBUNTU-CVE-2022-2928

In ISC DHCP 4.4.0 - 4.4.3, ISC DHCP 4.1-ESV-R1 - 4.1-ESV-R16-P1, when the function optioncodehashlookup is called from addoption, it increases the option's refcount field. However, there is not a corresponding call to optiondereference to decrement the refcount field. The function addoption is on...

CVE-2022-2928

In ISC DHCP 4.4.0 - 4.4.3, ISC DHCP 4.1-ESV-R1 - 4.1-ESV-R16-P1, when the function optioncodehashlookup is called from addoption, it increases the option's refcount field. However, there is not a corresponding call to optiondereference to decrement the refcount field. The function addoption is on...

Google TensorFlow 输入验证错误漏洞

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google Inc. in the United States. Google TensorFlow suffers from an Input Validation Error vulnerability that stems from an overflow that can occur if the limits parameter of the RaggedRangOp function is a...

CVE-2022-38496

LIEF commit 365a16a was discovered to contain a reachable assertion abort via the component BinaryStream.hpp...

CVE-2022-38496

LIEF commit 365a16a was discovered to contain a reachable assertion abort via the component BinaryStream.hpp...

CVE-2022-38496

LIEF commit 365a16a was discovered to contain a reachable assertion abort via the component BinaryStream.hpp...

PYSEC-2022-43137

LIEF commit 365a16a was discovered to contain a reachable assertion abort via the component BinaryStream.hpp...

CVE-2022-38496

LIEF commit 365a16a was discovered to contain a reachable assertion abort via the component BinaryStream.hpp...

PYSEC-2022-43137

LIEF commit 365a16a was discovered to contain a reachable assertion abort via the component BinaryStream.hpp...

UBUNTU-CVE-2022-38496

LIEF commit 365a16a was discovered to contain a reachable assertion abort via the component BinaryStream.hpp...

CVE-2022-38496

CVE-2022-38496: LIEF library issue where commit 365a16a introduces a reachable assertion abort in BinaryStream.hpp. Affects LIEF components using BinaryStream.hpp; impact is crash (assertion abort) locally. No exploit details or patch info provided in the connected documents. Remediation/versions...

CVE-2022-38496

LIEF commit 365a16a was discovered to contain a reachable assertion abort via the component BinaryStream.hpp...

PT-2022-24428 · Lief · Lief

Name of the Vulnerable Software and Affected Versions: LIEF version 365a16a Description: A reachable assertion abort was discovered in the BinaryStream.hpp component. Recommendations: For LIEF version 365a16a, consider disabling the use of the BinaryStream.hpp component until a patch is available...

LIEF 安全漏洞

LIEF is a cross-platform library from the individual developer Romain Thomas. It is used to parse, modify and abstract Elf, Pe and MachO formats. LIEF suffers from a security vulnerability that stems from an assertion abort reachable in the component BinaryStream.hpp...

CVE-2021-40647

In man2html 1.6g, a specific string being read in from a file will overwrite the size parameter in the top chunk of the heap. This at least causes the program to segmentation abort if the heap size parameter isn't aligned correctly. In version before GLIBC version 2.29 and aligned correctly, it...

Sagemath 9.0 Overflow / Denial Of Service

sagemath 9.0 and reportedly later on ubuntu 20. sagemath gives access to the python interpreter, so code execution is trivial. We give DoS attacks, which terminates the sagemath process with abort, when raising symbolic expression to large integer power. We get abort with stack: gmp: overflow in...

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.15.1)

The version of AOS installed on the remote host is prior to 5.15.1. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.15.1 advisory. - rtlp2pnoaie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check,...

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.16.0.1)

The version of AOS installed on the remote host is prior to 5.16.0.1. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.16.0.1 advisory. - OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of...

Directus 安全漏洞

Directus is a real-time Api and application dashboard. It is used to manage Sql database content. A security vulnerability exists in Directus, which can be exploited by an attacker to abort the Directus process...

389 security update

CentOS Errata and Security Advisory CESA-2022:5239 An update for 389-ds-base is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...