MongoDB Server may have unexpected application behaviour due to invalid BSON

Improper validation of certain metadata input may result in the server not correctly serialising BSON. This can be performed pre-authentication and may cause unexpected application behavior including unavailability of serverStatus responses. This issue affects MongoDB Server v7.0 versions prior t...

CVE-2022-48696

In the Linux kernel, the following vulnerability has been resolved: regmap: spi: Reserve space for register address/padding Currently the maxrawread and maxrawwrite limits in regmapspi struct do not take into account the additional size of the transmitted register address and padding. This may...

CVE-2022-48696

In the Linux kernel, the following vulnerability has been resolved: regmap: spi: Reserve space for register address/padding Currently the maxrawread and maxrawwrite limits in regmapspi struct do not take into account the additional size of the transmitted register address and padding. This may...

CVE-2024-26851 netfilter: nf_conntrack_h323: Add protection for bmp length out of range

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackh323: Add protection for bmp length out of range UBSAN load reports an exception of BRK5515 SHIFTISSUE:Bitwise shifts that are out of bounds for their data type. vmlinux getbitmapb=75 + 712 vmlinux...

CVE-2024-26851 netfilter: nf_conntrack_h323: Add protection for bmp length out of range

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackh323: Add protection for bmp length out of range UBSAN load reports an exception of BRK5515 SHIFTISSUE:Bitwise shifts that are out of bounds for their data type. vmlinux getbitmapb=75 + 712 vmlinux...

The vulnerability of the rtw_get_tx_power_params() function of the UBSAN service (Undefined Behaviour Sanity Checker) in the Linux operating system allows a hacker to disclose protected information.

The vulnerability of the rtwgettxpowerparams function of the UBSAN service Undefined Behaviour Sanity Checker in Linux kernel is related to the occurrence of operations outside the buffer in memory due to inconsistencies in the channel group values. Exploitation of this vulnerability can allow an...

CVE-2021-47065

In the Linux kernel, the following vulnerability has been resolved: rtw88: Fix array overrun in rtwgettxpowerparams Using a kernel with the Undefined Behaviour Sanity Checker UBSAN enabled, the following array overrun is logged:...

DEBIAN-CVE-2021-47065

In the Linux kernel, the following vulnerability has been resolved: rtw88: Fix array overrun in rtwgettxpowerparams Using a kernel with the Undefined Behaviour Sanity Checker UBSAN enabled, the following array overrun is logged:...

RUSTSEC-2024-0017 Non-idiomatic use of iterators leads to use after free

Code that attempts to use an item e.g., a row returned by an iterator after the iterator has advanced to the next item will be accessing freed memory and experience undefined behaviour. Code that uses the item and then advances the iterator is unaffected. This problem has always existed. This is ...

GHSA-P5Q9-86W4-2XR5 SMTP smuggling in Apache James

Apache James prior to versions 3.8.1 and 3.7.5 is vulnerable to SMTP smuggling. A lenient behaviour in line delimiter handling might create a difference of interpretation between the sender and the receiver which can be exploited by an attacker to forge an SMTP envelop, allowing for instance to...

Forminator and Forminator Pro < 1.27.0 - Admin+ Stored Cross-Site Scripting

Description The plugin does not properly sanitize the redirect-url field in the form submission settings, which could allow high-privilege users such as an administrator to inject arbitrary web scripts even when the unfilteredhtml capability is disallowed for example in a multisite setup. Select...

Behaviour of Distributor when user appears in multiple merkle trees

Lines of code Vulnerability details Impact To avoid that a user can claim the same amount multiple times, the following code is used: uint256 toSend = amount - claimedusertoken.amount; However, the Distributor contract supports updating the merkle tree via updateTree. But because the claimed...

EulerOS 2.0 SP5 : ImageMagick (EulerOS-SA-2023-2149)

According to the versions of the ImageMagick packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An integer overflow issue was discovered in ImageMagick's ExportIndexQuantum function in MagickCore/quantum-export.c. Function calls to...

kernel: rtw89: cfo: check mac_id to avoid out-of-bounds

In the Linux kernel, the following vulnerability has been resolved: rtw89: cfo: check macid to avoid out-of-bounds Somehow, hardware reports incorrect macid and pollute memory. Check index before we access the array. UBSAN: array-index-out-of-bounds in rtw89/phy.c:2517:23 index 188 is out of rang...

CVE-2023-26097

An issue was discovered in Telindus Apsal 3.14.2022.235 b. Unauthorized actions that could modify the application behaviour may not be blocked...

spin-rs initialisation failure in `Once::try_call_once` can lead to undefined behaviour for other initialisers

Once::trycallonce is unsound if invoked more than once concurrently and any call fails to initialise successfully...

GHSA-2QV5-7MW5-J3CG spin-rs initialisation failure in `Once::try_call_once` can lead to undefined behaviour for other initialisers

Once::trycallonce is unsound if invoked more than once concurrently and any call fails to initialise successfully...

Initialisation failure in `Once::try_call_once` can lead to undefined behaviour for other initialisers

Once::trycallonce is unsound if invoked more than once concurrently and any call fails to initialise successfully...

Invalid Downcast

firefox is vulnerable to Invalid Downcast. The vulnerability exists because the invalid downcast from nsTextNode to SVGElement leads to undefined behaviour...

Invalid Downcast

firefox is vulnerable to Invalid Downcast. The vulnerability exists because the invalid downcast from nsTextNode to nsIContent leads to undefined behaviour...