DEBIAN-CVE-2024-26599

In the Linux kernel, the following vulnerability has been resolved: pwm: Fix out-of-bounds access in ofpwmsinglexlate With args-argscount == 2 args-args2 is not defined. Actually the flags are contained in args-args1...

PT-2023-35638 · Git +1 · Binutils

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-buffer-overflow READ 1 crash has been reported. The crash involves the loongarch split args by comma, print insn loongarch, and disassemble sectio...

UBUNTU-CVE-2023-5868

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...

CVE-2023-4882

DOS vulnerability that could allow an attacker to register a new VNF Virtual Network Function value. This action could trigger the argsassets function defined in the arg-log.php file, which would then execute the args-abort.c file, causing the service to crash...

CVE-2023-4882

DOS vulnerability that could allow an attacker to register a new VNF Virtual Network Function value. This action could trigger the argsassets function defined in the arg-log.php file, which would then execute the args-abort.c file, causing the service to crash...

Code injection

DOS vulnerability that could allow an attacker to register a new VNF Virtual Network Function value. This action could trigger the argsassets function defined in the arg-log.php file, which would then execute the args-abort.c file, causing the service to crash...

CVE-2023-4882 Multiple vulnerabilities in Open5GS

DOS vulnerability that could allow an attacker to register a new VNF Virtual Network Function value. This action could trigger the argsassets function defined in the arg-log.php file, which would then execute the args-abort.c file, causing the service to crash...

Memory leak in btrfs_get_dev_args_from_path()

...

CVE-2023-4394

A use-after-free flaw was found in btrfsgetdevargsfrompath in fs/btrfs/volumes.c in btrfs file-system in the Linux Kernel. This flaw allows a local attacker with special privileges to cause a system crash or leak internal kernel information...

SUSE CVE-2016-2339

An exploitable heap overflow vulnerability exists in the Fiddle::Function.new "initialize" function functionality of Ruby. In Fiddle::Function.new "initialize" heap buffer "argtypes" allocation is made based on args array length. Specially constructed object passed as element of args array can...

SUSE CVE-2019-19274

typedast 1.3.0 and 1.3.1 has a handlekeywordonlyargs out-of-bounds read. An attacker with the ability to cause a Python interpreter to parse Python source but not necessarily execute it may be able to crash the interpreter process. This could be a concern, for example, in a web-based service that...

SUSE CVE-2021-37576

arch/powerpc/kvm/book3srtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtasargs.nargs, aka CID-f62f3c20647e...

CVE-2022-44303

Resque Scheduler version 1.27.4 is vulnerable to Cross-site scripting XSS. A remote attacker could inject javascript code to the "schedulejob" or "args" parameter in /resque/delayed/jobs/schedulejob?args=argsid to execute javascript at client side...

PT-2022-27174 · Unknown · Resque Scheduler

Name of the Vulnerable Software and Affected Versions: Resque Scheduler version 1.27.4 Description: A remote attacker could inject javascript code to the schedule job or args parameters in "/resque/delayed/jobs/schedule job?args=args id" to execute javascript at the client side, resulting in a...

CVE-2022-3900 Cooked Pro < 1.7.5.7 - Unauthenticated PHP Object Injection

The Cooked Pro WordPress plugin before 1.7.5.7 does not properly validate or sanitize the recipeargs parameter before unserializing it in the cookedloadmore action, allowing an unauthenticated attacker to trigger a PHP Object injection vulnerability...

CVE-2018-5764, CVE-2017-16548 and CVE-2017-1734. Vulnerabilities in rsynd

Security Advisory ID : BSA-2022-2074 Component : rsyncd Revision : 1.0 CVE-2018-5764: The parsearguments function in options.c in rsyncd in rsync before 3.1.3 does not prevent multiple --protect-args uses, which allows remote attackers to bypass an argument-sanitization protection mechanism. Base...

mariadb: assertion failure in Item_args::walk_arg

A use-after-free flaw was found in Maria DB. The MariaDB Server contains a use-after-free in the component, Itemargs::walkarg, which is exploited via specially crafted SQL statements, affecting availability...

mariadb: server crash in Item_args::walk_args

MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Itemargs::walkargs...

mariadb: server crash in Item_args::walk_args

MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Itemargs::walkargs...

mariadb: assertion failure in Item_args::walk_arg

A use-after-free flaw was found in Maria DB. The MariaDB Server contains a use-after-free in the component, Itemargs::walkarg, which is exploited via specially crafted SQL statements, affecting availability...