Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from improper initialization of arrays, which could lead to reuse after release...

CVE-2024-57908 iio: imu: kmx61: fix information leak in triggered buffer

In the Linux kernel, the following vulnerability has been resolved: iio: imu: kmx61: fix information leak in triggered buffer The 'buffer' local array is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses...

CVE-2024-44966

CVE-2024-44966 is a Linux kernel vulnerability involving the binfmt_flat helper. A RISC-V specific FLAT format variant reserved no space for the obsolete shared library pointer array, but initialization code was not disabled, causing corruption of sizeof(long) bytes before the DATA segment (end o...

SUSE CVE-2013-6638

Multiple buffer overflows in runtime.cc in Google V8 before 3.22.24.7, as used in Google Chrome before 31.0.1650.63, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a large typed array, related to the 1...

MGASA-2022-0234 Updated php packages fix security vulnerability

CLI -Fixed bug 8575 CLI closes standard streams too early. Core -Fixed Haiku ZTS builds. Date -Fixed bug 8471 Segmentation fault when converting immutable and mutable DateTime instances created using reflection. php-fpm - Fixed bug 72185 writes empty fcgi record causing nginx 502. Mysqlnd - Fixed...

radare2 资源管理错误漏洞

radare2 is a set of libraries and tools for working with binary files. A security vulnerability exists in radare2 versions prior to 5.6.4, which stems from a missing initialization assignment to an array in the software code, and can be exploited by an attacker to achieve a denial of service...

DEBIAN-CVE-2016-4333

The HDF5 1.8.16 library allocating space for the array using a value from the file has an impact within the loop for initializing said array allowing a value within the file to modify the loop's terminator. Due to this, an aggressor can cause the loop's index to point outside the bounds of the...

UBUNTU-CVE-2016-4333

The HDF5 1.8.16 library allocating space for the array using a value from the file has an impact within the loop for initializing said array allowing a value within the file to modify the loop's terminator. Due to this, an aggressor can cause the loop's index to point outside the bounds of the...

Qi Bo CMS variable coverage leads to sql injection vulnerability analysis report-vulnerability warning-the black bar safety net

Blog post author: Alibaba security research lab—supporting su Release date: 2015-3-10 Blog post content: The recent Alibaba security research laboratory vulnerability monitoring system to monitor attendance Bo cms exist high-risk vulnerabilities that can lead to SQL vulnerability and thus affect...

Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2012-137) (ROBOT)

Multiple improper permission check issues were discovered in the Beans, Swing, and JMX components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. CVE-2012-5086 , CVE-2012-5084 , CVE-2012-5089 Multiple improper permission check issues...

CVE-2013-0001

CVE-2013-0001 concerns a vulnerability in the Windows Forms (WinForms) component of Microsoft .NET Framework (1.0 SP3–4.5). The root cause is improper initialization of memory arrays and use of a pointer to unmanaged memory, enabling information disclosure. Exploitation could occur via a crafted ...

Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x i386/x86_64 (20121017) (ROBOT)

Multiple improper permission check issues were discovered in the Beans, Swing, and JMX components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. CVE-2012-5086, CVE-2012-5084, CVE-2012-5089 Multiple improper permission check issues we...

eWebeditoR3. 8 for php arbitrary file upload EXP-vulnerability warning-the black bar safety net

! titleeWebeditoR3. 8 for php any file on the EXP/title form action="" method=post enctype="multipart/form-data" INPUT TYPE="hidden" name="MAXFILESIZE" value="5 1 2 0 0 0" A href="http://hi.baidu.com/fc/editor/input"URL:input type=text name=url value="" size=1 0 0br INPUT TYPE="hidden"...

PHP168 V6.02 /member/post.php代码执行漏洞

PHP168整站是PHP领域当前功能最强大的建站系统，代码全部开源，可极其方便的进行二次开发，所有功能模块可以自由安装与删除，个人用户完全免费使用。 PHP168在某数组没有初试化,导致可以提交任意代码执行。 PHP168 V6.02 暂无 等待官方补丁...

Design/Logic Flaw

The Perforce service p4s.exe in Perforce Server 2007.3/143793 and earlier allows remote attackers to cause a denial of service daemon crash via a 1 server-DiffFile or 2 server-ReleaseFile command with a large integer value, which is used in an array initialization calculation, and leads to invali...

CVE-2008-1302

The Perforce service p4s.exe in Perforce Server 2007.3/143793 and earlier allows remote attackers to cause a denial of service daemon crash via a 1 server-DiffFile or 2 server-ReleaseFile command with a large integer value, which is used in an array initialization calculation, and leads to invali...