EUVD-2016-9977

Malware in sbrugna...

EUVD-2016-3568

Malware in sbrugna...

EUVD-2024-2101

Malicious code in bioql PyPI...

CVE-2023-53009

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Add sync after creating vram bo There will be data corruption on vram allocated by svm if the initialization is not complete and application is writting on the memory. Adding sync to wait for the initialization...

CVE-2024-7771

CVE-2024-7771 affects the Dockerized mintplex-labs/anything-llm (latest digest 1d9452da2b92). The issue is in the localWhisper audio transcription path: resampling from 1 Hz to 16000 Hz can quickly exhaust memory, causing the Docker container to be killed by the daemon and leading to a denial of ...

CVE-2024-5629

An out-of-bounds read in the 'bson' module of PyMongo 4.6.2 or earlier allows deserialization of malformed BSON provided by a Server to raise an exception which may contain arbitrary application memory...

Denial Of Service (DoS)

gss-ntlmssp is vulnerable to Denial of Service DoS attacks. Memory corruption can be triggered when decoding UTF16 strings if the variable 'outlen' is not initialized. This can lead to a denial of service if the write hits unmapped memory or randomly corrupts a byte in the application memory spac...

openSUSE Security Update : dpdk (openSUSE-2020-1599)

This update for dpdk fixes the following issues : - dpdk was updated to 19.11.4 - CVE-2020-14374,CVE-2020-14375,CVE-2020-14376,CVE-2020-14 377,CVE-2020-14378: Fixed multiple issues where a malicious guest could harm the host using vhost crypto, including executing code in host VM Escape, reading...

SUSE-SU-2020:2770-1 Security update for dpdk

This update for dpdk fixes the following issues: - dpdk was updated to 19.11.4 - CVE-2020-14374,CVE-2020-14375,CVE-2020-14376,CVE-2020-14377,CVE-2020-14378: Fixed multiple issues where a malicious guest could harm the host using vhost crypto, including executing code in host VM Escape, reading ho...

CVE-2020-5313

An out-of-bounds read was discovered in python-pillow in the way it decodes FLI images. An application that uses python-pillow to load untrusted images may be vulnerable to this flaw, which can allow an attacker to read the memory of the application they should be not allowed to read...

Avast Free Antivirus < 19.1.2360 Information Disclosure Vulnerability - Windows

Avast Free Antivirus is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

ASLR Bypass

FreeType is a free, high-quality, portable font engine that can open and manage font files. It also loads, hints, and renders individual glyphs efficiently. Multiple integer overflow flaws and an integer signedness flaw, leading to heap-based buffer overflows, were found in the way FreeType handl...

CVE-2018-8778

A integer underflow was found in the way Stringunpack decodes the unpacking format. An attacker, able to control the unpack format, could use this flaw to disclose arbitrary parts of the application's memory. Mitigation Vulnerable code when Stringunpacks argument is attacker controlled. In the...

CVE-2016-9160

A vulnerability in SIEMENS SIMATIC WinCC All versions SIMATIC WinCC V7.2 and SIEMENS SIMATIC PCS 7 All versions SIMATIC PCS 7 V8.0 SP1 could allow a remote attacker to crash an ActiveX component or leak parts of the application memory if a user is tricked into clicking on a malicious link under...

Design/Logic Flaw

A vulnerability in SIEMENS SIMATIC WinCC All versions SIMATIC WinCC V7.2 and SIEMENS SIMATIC PCS 7 All versions SIMATIC PCS 7 V8.0 SP1 could allow a remote attacker to crash an ActiveX component or leak parts of the application memory if a user is tricked into clicking on a malicious link under...

CVE-2016-9160

A vulnerability in SIEMENS SIMATIC WinCC All versions SIMATIC WinCC V7.2 and SIEMENS SIMATIC PCS 7 All versions SIMATIC PCS 7 V8.0 SP1 could allow a remote attacker to crash an ActiveX component or leak parts of the application memory if a user is tricked into clicking on a malicious link under...

Debian Security Advisory DSA 3725-1 (icu - security update)

Several vulnerabilities were discovered in the International Components for Unicode ICU library. CVE-2014-9911 Michele Spagnuolo discovered a buffer overflow vulnerability which might allow remote attackers to cause a denial of service or possibly execute arbitrary code via crafted text...

Siemens SIMATIC WinCC and SIMATIC PCS 7 ActiveX Vulnerability

OVERVIEW Mingzheng Li from Acorn Network Security Lab has identified an ActiveX vulnerability in Siemens’ SIMATIC WinCC and SIMATIC PCS 7. Siemens has produced a new version to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS Siemens reports that the...

CVE-2015-8925

A vulnerability was found in libarchive. A specially crafted MTREE file could cause a small out-of-bounds read, potentially disclosing a small amount of application memory...

Scientific Linux Security Update : python on 6.x i686/x86_64 (2015:1330)

The remote Scientific Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2015:1330-1 advisory. - Buffer overflow in the socket.recvfrominto function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4, and 3.4.x before...