17 matches found
EUVD-2017-18434
Malware in sbrugna...
[SECURITY] Fedora 41 Update: rust-tinystr-0.7.6-4.fc41
A small ASCII-only bounded length string representation...
[SECURITY] Fedora 40 Update: rust-tinystr-0.7.6-4.fc40
A small ASCII-only bounded length string representation...
[SECURITY] Fedora 42 Update: rust-tinystr-0.7.6-4.fc42
A small ASCII-only bounded length string representation...
GHSA-8655-XGH5-5VVQ fast-fault has a segmentation fault due to lack of bound check
In this case, the "fast_float::common::AsciiStr::first" method within the "AsciiStr" struct uses the unsafe keyword to read from memory without performing bounds checking. Specifically, it directly dereferences a pointer offset by "self.ptr". Because of the above reason, the method accesses...
Segmentation fault due to lack of bound check
In this case, the "fast_float2::common::AsciiStr::first" method within the "AsciiStr" struct uses the unsafe keyword to read from memory without performing bounds checking. Specifically, it directly dereferences a pointer offset by "self.ptr". Because of the above reason, the method accesses...
SUSE CVE-2024-46823
In the Linux kernel, the following vulnerability has been resolved: kunit/overflow: Fix UB in overflow_allocation_test. The 'device_name' array doesn't exist out of the 'overflow_allocation_test' function scope. However, it is being used as a driver name when calling 'kunit_driver_create' from...
CVE-2024-46823
A flaw was found in the Linux kernel before initialization in subsystem tests. The 'device_name' array doesn't exist out of the 'overflow_allocation_test' function scope, however, it is being used as a driver name when calling 'kunit_driver_create' from 'kunit_device_register', which can produce a kerne...
CVE-2024-46823
In the Linux kernel, the following vulnerability has been resolved: kunit/overflow: Fix UB in overflow_allocation_test. The 'device_name' array doesn't exist out of the 'overflow_allocation_test' function scope. However, it is being used as a driver name when calling 'kunit_driver_create' from...
AZL-53307 CVE-2024-46823 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: kunit/overflow: Fix UB in overflow_allocation_test. The 'device_name' array doesn't exist out of the 'overflow_allocation_test' function scope. However, it is being used as a driver name when calling 'kunit_driver_create' from...
SUSE CVE-2012-1141
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted ASCII string in a BDF font...
CVE-2012-1141
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted ASCII string in a BDF font...
CVE-2012-1141
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted ASCII string in a BDF font...
Symantec Veritas Storage Foundation vxsvc.exe ASCII String Unpacking Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Veritas Storage Foundation Administrator Service. Authentication is not required to exploit this vulnerability. The specific flaw exists within vxsvc.exe. The problem affecting the part of...
CVE-2009-2727
Stack-based buffer overflow in the _tt_internal_realpath function in the ToolTalk library (libtt.a) in IBM AIX 5.2.0, 5.3.0, 5.3.7 through 5.3.10, and 6.1.0 through 6.1.3, when the rpc.ttdbserver daemon is enabled in /etc/inetd.conf, allows remote attackers to execute arbitrary code via a long...
Stack overflow
Stack-based buffer overflow in the _tt_internal_realpath function in the ToolTalk library (libtt.a) in IBM AIX 5.2.0, 5.3.0, 5.3.7 through 5.3.10, and 6.1.0 through 6.1.3, when the rpc.ttdbserver daemon is enabled in /etc/inetd.conf, allows remote attackers to execute arbitrary code via a long...
CVE-2009-2727
Stack-based buffer overflow in the _tt_internal_realpath function in the ToolTalk library (libtt.a) in IBM AIX 5.2.0, 5.3.0, 5.3.7 through 5.3.10, and 6.1.0 through 6.1.3, when the rpc.ttdbserver daemon is enabled in /etc/inetd.conf, allows remote attackers to execute arbitrary code via a long...