186 matches found
cyrus-imapd security update
An update is available for cyrus-imapd. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The cyrus-imapd packages contain a high-performance mail server with IMAP...
CVE-2025-27796
ReadWPGImage in WPG in GraphicsMagick before 1.3.46 mishandles palette buffer allocation, resulting in out-of-bounds access to heap memory in ReadBlob...
CVE-2022-49453
In the Linux kernel, the following vulnerability has been resolved: soc: ti: tiscipmdomains: Check for null return of devmkcalloc The allocation funciton devmkcalloc may fail and return a null pointer, which would cause a null-pointer dereference later. It might be better to check it and directly...
CVE-2025-1059
CWE-770: Allocation of Resources Without Limits or Throttling vulnerability exists that could cause communications to stop when malicious packets are sent to the webserver of the device...
CVE-2022-36078
Binary provides encoding/decoding in Borsh and other formats. The vulnerability is a memory allocation vulnerability that can be exploited to allocate slices in memory with arbitrary excessive size value, which can either exhaust available memory or crash the whole program. When using...
CVE-2024-43410
Russh is a Rust SSH client & server library. Allocating an untrusted amount of memory allows any unauthenticated user to OOM a russh server. An SSH packet consists of a 4-byte big-endian length, followed by a byte stream of this length. After parsing and potentially decrypting the 4-byte length,...
CVE-2025-0695
CVE-2025-0695 affects Cesanta Frozen library prior to version 1.7. The vulnerability is an unbounded Allocation of Resources Without Limits or Throttling, allowing an attacker to crash the component embedding the library by supplying malicious JSON input. Affected scope is Cesanta Frozen versions
CVE-2025-0695
An Allocation of Resources Without Limits or Throttling vulnerability in Cesanta Frozen versions less than 1.7 allows an attacker to induce a crash of the component embedding the library by supplying a maliciously crafted JSON as input...
CVE-2024-46666
An allocation of resources without limits or throttling CWE-770 vulnerability in FortiOS versions 7.6.0, versions 7.4.4 through 7.4.0, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow a remote unauthenticated attacker to prevent access to the GUI via specially crafted requests...
CVE-2024-46668
An allocation of resources without limits or throttling vulnerability CWE-770 in FortiOS versions 7.4.0 through 7.4.4, versions 7.2.0 through 7.2.8, versions 7.0.0 through 7.0.15, and versions 6.4.0 through 6.4.15 may allow an unauthenticated remote user to consume all system memory via multiple...
CVE-2024-47537
CVE-2024-47537 affects GStreamer, specifically gstreamer1-plugins-good. The issue arises in the isomp4/qtdemux.c path where the program reallocates stream->samples to hold stream->n_samples + samples_count, with samples_count read from input. If samples_count is large, an integer overflow c...
PT-2024-10475 · Gstreamer +10 · Gstreamer +10
Name of the Vulnerable Software and Affected Versions: GStreamer versions prior to 1.24.10 Description: The issue is related to an integer overflow in the memory reallocation process. The program attempts to reallocate memory to accommodate a certain number of elements, but if the value read from...
CVE-2024-53126 vdpa: solidrun: Fix UB bug with devres
In the Linux kernel, the following vulnerability has been resolved: vdpa: solidrun: Fix UB bug with devres In psnetopenpfbar and snetopenvfbar a string later passed to pcimiomapregions is placed on the stack. Neither pcimiomapregions nor the functions it calls copy that string. Should the string...
FreeBSD 安全漏洞
FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. A security vulnerability exists in FreeBSD that stems from allowing a caller to specify an arbitrary size passed to the kernel memory allocator...
CVE-2024-46790 codetag: debug: mark codetags for poisoned page as empty
In the Linux kernel, the following vulnerability has been resolved: codetag: debug: mark codetags for poisoned page as empty When PGhwpoison pages are freed they are treated differently in freepagesprepare and instead of being released they are isolated. Page allocation tag counters are decrement...
CVE-2024-43410 Russh has an OOM Denial of Service due to allocation of untrusted amount
Russh is a Rust SSH client & server library. Allocating an untrusted amount of memory allows any unauthenticated user to OOM a russh server. An SSH packet consists of a 4-byte big-endian length, followed by a byte stream of this length. After parsing and potentially decrypting the 4-byte length,...
kernel: ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal()
A vulnerability was found in the ext4mbfindbygoal function in the Linux kernel. This issue could lead to memory corruption or crashes due to the allocation of blocks from a group with a corrupted block bitmap...
Potential memory exhaustion attack due to sparse slice deserialization
Details Running schema.Decoder.Decode on a struct that has a field of type struct... opens it up to malicious attacks regarding memory allocations, taking advantage of the sparse slice functionality. For instance, in the Proof of Concept written below, someone can specify to set a field of the...
CVE-2024-37298 Potential memory exhaustion attack due to sparse slice deserialization
gorilla/schema converts structs to and from form values. Prior to version 1.4.1 Running schema.Decoder.Decode on a struct that has a field of type struct... opens it up to malicious attacks regarding memory allocations, taking advantage of the sparse slice functionality. Any use of...
CVE-2024-27413
In the Linux kernel, the following vulnerability has been resolved: efi/capsule-loader: fix incorrect allocation size gcc-14 notices that the allocation with sizeofvoid on 32-bit architectures is not enough for a 64-bit physaddrt: drivers/firmware/efi/capsule-loader.c: In function 'eficapsuleopen...