15 matches found
curl: Buffer Overflow in curl's Rustls Backend
Summary: A buffer overflow vulnerability exists in the curl library's Rustls backend due to an integer overflow in the dynamic buffer management. This issue could potentially allow an attacker to overwrite memory, leading to application crashes or, in theory, arbitrar...
TOTOLINK LR1200GB Security Vulnerability
The TOTOLINK LR1200GB is a wireless dual-band 4G LTE router from China's Gion Electronics TOTOLINK. The TOTOLINK LR1200GB suffers from a buffer overflow vulnerability that originates from the parameter httphost in the file /cgi-bin/cstecgi.cgi that can lead to a stack-based buffer overflow, and n...
UBUNTU-CVE-2024-26327
An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in hw/pci/pcie_sriov.c mishandles the situation where a guest writes NumVFs greater than TotalVFs, leading to a buffer overflow in VF implementations...
DEBIAN-CVE-2022-0322
A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUG_ON issue, leading to a denial of service (DOS)...
MGASA-2021-0574 Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 5.15.10 and fixes at least the following security issues: A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close and fget simultaneously and can potentially trigger a...
Important: Red Hat Security Advisory: linux-firmware security and bug fix update
An update for linux-firmware is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...
ICU: Integer overflow in UnicodeString::doAppend()
An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend function in common/unistr.cpp...
SUSE SLED15 / SLES15 Security Update : spice-gtk (SUSE-SU-2018:2709-1)
This update for spice-gtk fixes the following issues : Security issues fixed : CVE-2018-10873: Fix potential heap corruption when demarshalling bsc1104448 CVE-2018-10893: Avoid buffer overflow on image lz checks bsc1101295 Other bugs fixed: Add setuid bit to spice-client-glib-usb-acl-helper...
CVE-2016-10272
LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted TIFF image, related to "WRITE of size 2048" and libtiff/tif_next.c:64:9...
CentOS Update for xen CESA-2011:1401 centos5 i386
Check for the Version of xen. OpenVAS Vulnerability Test: CentOS Update for xen CESA-2011:1401 centos5 i386. Authors: System Generated Check. Copyright: Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
[ GLSA 200904-19 ] LittleCMS: Multiple vulnerabilities
Gentoo Linux Security Advisory GLSA 200904-19 http://security.gentoo.org/ Severity:...
Debian Security Advisory DSA 033-1 (analog)
The remote host is missing an update to analog announced via advisory DSA 033-1. OpenVAS Vulnerability Test $Id: deb0331.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 033-1. Authors: Thomas Reinke. Copyright: Copyright (c) 2007 E-Soft Inc...
openssl096b, wget security update
CentOS Errata and Security Advisory CESA-2005:830 Updated wget packages that fix a security issue are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. GNU Wget is a file retrieval utility that can use either the HTTP or FTP...
gaim security update
CentOS Errata and Security Advisory CESA-2005:365 Merged security bulletin from advisories: https://lists.centos.org/pipermail/centos-announce/2005-April/073719.html https://lists.centos.org/pipermail/centos-announce/2005-April/073720.html...
mail_bof.txt
Subject: Many kind of POP3/SMTP server softwares for Windows have buffer overflow bug To: [email protected] Many kind of POP3/SMTP server softwares for Windows have buffer overflow bug by The Shadow Penguin Security http://shadowpenguin.backsection.net 1. Introduction I confirmed many kin...