The vulnerability of the dcraw_common.cpp component in the LibRaw image processing library allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of the dcraw_common.cpp component in the LibRaw image processing library is related to operations that go beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to gain access to confidential data, compromise its integrity, an...
The vulnerability of the `append_to_verify_fifo_interleaved_` function in the `streamencoder.c` component of the FLAC audio codec allows a hacker to gain access to confidential data.
The vulnerability of the `append_to_verify_fifo_interleaved_` function in the `streamencoder.c` component of the FLAC audio encoder is related to writing beyond the buffer boundaries. Exploiting this vulnerability allows an attacker to gain access to confidential data...
Security Bulletin: Buffer overrun vulnerability when executing unspecified SQL statements in IBM Informix (CVE-2012-4857)
Abstract: A malicious user who has or manages to gain access as an authenticated user and connects either locally or remotely to the Informix database server can cause a buffer overflow that crashes the Informix database server or allows arbitrary code to be executed within the Informix database...
Security Bulletin: IBM Tivoli Monitoring Basic Services Vulnerabilities (CVE-2013-2960, CVE-2013-2961, CVE-2013-0548, CVE-2013-0551)
Abstract: Several vulnerabilities have been resolved in the Basic Services component of IBM Tivoli Monitoring. These vulnerabilities could have potentially caused a denial of service or Cross Site Scripting (XSS) exposure. Content: VULNERABILITY DETAILS: CVE ID: CVE-2013-2960 DESCRIPTION: The HTTP...
The vulnerability of the coders/png.c component in the cross-platform library for working with graphics in GraphicsMagick allows a hacker to trigger a service failure.
The vulnerability of the coders/png.c component in the cross-platform library for working with graphics in GraphicsMagick is related to writing beyond the buffer boundaries. Exploiting this vulnerability allows a remote attacker to cause a service failure...
The vulnerability of the LD_LIBRARY_PATH environment variable allows a hacker to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of the LD_LIBRARY_PATH environment variable in the GNU C Library is related to operations that go beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to access confidential data, compromise its integrity, and cause service failures...
ruby security, bug fix, and enhancement update
3.0.4-160 - Upgrade to Ruby 3.0.4. Resolves: rhbz2109428 - OpenSSL test suite fixes due to disabled SHA1. Related: rbhz2109428 - Fix double free in Regexp compilation. Resolves: CVE-2022-28738 - Fix buffer overrun in String-to-Float conversion. Resolves: CVE-2022-28739...
ruby: Buffer overrun in String-to-Float conversion
A buffer overrun vulnerability was found in Ruby. The issue occurs in a conversion algorithm from a String to a Float that causes process termination due to a segmentation fault, but under limited circumstances. This flaw may cause an illegal memory read...
Moderate: Red Hat Security Advisory: ruby security, bug fix, and enhancement update
An update for ruby is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the C...
ruby security, bug fix, and enhancement update
An update is available for ruby. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Ruby is an extensible, interpreted, object-oriented, scripting language. It has...
RHEL 9 : ruby (RHSA-2022:6585)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:6585 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...
ROS-20220920-01
The grub_script_function_create function of the Grub configuration file has a vulnerability due to a function override error while this function is already executed. Exploitation of the vulnerability allows an attacker to gain access to confidential data, compromise its...
The vulnerability of the PVRDMA_CMD_CREATE_MR command in the QEMU hardware emulation software allows a hacker to trigger a service failure.
The vulnerability of the PVRDMA_CMD_CREATE_MR command in the QEMU hardware emulation software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows an attacker to cause a system failure...
The vulnerability of the QEMU hardware emulation software, related to writing beyond the buffer boundaries, allows a hacker to trigger a service failure.
The vulnerability of the QEMU hardware emulation software is related to writing beyond the buffer boundaries. Exploiting this vulnerability allows an attacker to cause a service failure...
The vulnerability of the file system driver of Windows operating systems allows a hacker to execute arbitrary code with system privileges.
The vulnerability of the file system driver of Windows operating systems is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code with system privileges...
CVE-2022-40657
This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer 1.2100.1483.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
CVE-2022-40652
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim 2022 R1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsi...
ruby:3.0 security, bug fix, and enhancement update
ruby 3.0.4-141 - Upgrade to Ruby 3.0.4. Resolves: rhbz2109431 Resolves: rhbz2110981 - Fix double free in Regexp compilation. Resolves: CVE-2022-28738 - Fix buffer overrun in String-to-Float conversion. Resolves: CVE-2022-28739...
CVE-2022-39154
A vulnerability has been identified in Parasolid V33.1 All versions = V33.1.262 = V35.0.161 V35.0.164, Simcenter Femap V2022.1 All versions V2022.1.3, Simcenter Femap V2022.2 All versions V2022.2.2. The affected application contains an out of bounds write past the end of an allocated buffer while...
CVE-2022-39143
A vulnerability has been identified in Parasolid V33.1 All versions = V33.1.262 = V35.0.161 V35.0.164, Simcenter Femap V2022.1 All versions V2022.1.3, Simcenter Femap V2022.2 All versions V2022.2.2. The affected application contains an out of bounds write past the end of an allocated buffer while...