CVE-2022-2989

An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to...

CVE-2022-2989

An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to...

mariadb: use-after-poison in Binary_string::free_buffer

A flaw was found in the MariaDB Server. It contains a use-after-free in the component, Binarystring::freebuffer at /sql/sqlstring.h, affecting availability...

mariadb: use-after-poison in Binary_string::free_buffer

A flaw was found in the MariaDB Server. It contains a use-after-free via the component,Binarystring::freebuffer at /sql/sqlstring.h, affecting availability...

Safari < 16 Multiple Vulnerabilities

Binary data 701421.pasl...

CVE-2022-37703

In Amanda 3.5.1, an information leak vulnerability was found in the calcsize SUID binary. An attacker can abuse this vulnerability to know if a directory exists or not anywhere in the fs. The binary will use opendir as root directly without checking the path, letting the attacker provide an...

PT-2022-24427 · Lief · Lief

Name of the Vulnerable Software and Affected Versions: LIEF version 365a16a Description: A heap-buffer overflow issue was discovered via the function print binary at /c/macho reader.c. This issue affects LIEF and can be exploited. Recommendations: For LIEF version 365a16a, update to a version tha...

Amanda 路径遍历漏洞

Amanda is an automated network disk archiver organized by the University of Maryland at College Park. Allows IT administrators to set up a single primary backup server to back up multiple hosts to tape drives/converters or disk or optical media over a network. A security vulnerability exists in...

CVE-2022-37703

CVE-2022-37703 affects Amanda 3.5.1 with an information-disclosure in the calcsize SUID binary. The calcsize binary uses opendir() at root without path validation, enabling a local attacker to determine whether a given directory exists anywhere on the filesystem. This is a local privilege-scope i...

PT-2022-24043 · Amanda +2 · Amanda +2

Name of the Vulnerable Software and Affected Versions: Amanda version 3.5.1 Description: An information leak issue was discovered in the calcsize SUID binary, allowing an attacker to determine if a directory exists anywhere in the file system. The binary uses the opendir function as root without...

LIEF 缓冲区错误漏洞

LIEF is a cross-platform library from the individual developer Romain Thomas. It is used to parse, modify and abstract Elf, Pe and MachO formats. LIEF has a security vulnerability that stems from a heap buffer overflow in the printbinary function in /c/machoreader.c. The vulnerability is caused b...

CVE-2022-37703

In Amanda 3.5.1, an information leak vulnerability was found in the calcsize SUID binary. An attacker can abuse this vulnerability to know if a directory exists or not anywhere in the fs. The binary will use opendir as root directly without checking the path, letting the attacker provide an...

binarytranslator.com Cross Site Scripting vulnerability OBB-2907708

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

DEBIAN-CVE-2020-10735

A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int"text", a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits float, decimal, int.frombytes, and int for binary bases 2, 4, 8, 16, and 32 are no...

CVE-2020-10735

A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int"text", a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits float, decimal, int.frombytes, and int for binary bases 2, 4, 8, 16, and 32 are no...

UBUNTU-CVE-2020-10735

A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int"text", a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits float, decimal, int.frombytes, and int for binary bases 2, 4, 8, 16, and 32 are no...

Design/Logic Flaw

A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int"text", a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits float, decimal, int.frombytes, and int for binary bases 2, 4, 8, 16, and 32 are no...

Cisco Webex App Installed

Binary data ciscowebexappinstalled.nbin...

CVE-2020-10735

A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int"text", a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits float, decimal, int.frombytes, and int for binary bases 2, 4, 8, 16, and 32 are no...

PSF-2022-4 Prevent DoS by large str-int conversions

A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int"text", a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits float, decimal, int.frombytes, and int for binary bases 2, 4, 8, 16, and 32 are no...