RHEL 6 : mercurial (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - mercurial: arbitrary command execution in mercurial repo with a git submodule CVE-2017-17458 - mercurial:...

PYSEC-2024-281

lunasvg v2.3.9 was discovered to contain a stack-buffer-underflow at lunasvg/source/layoutcontext.cpp...

CVE-2024-33763

lunasvg v2.3.9 was discovered to contain a stack-buffer-underflow at lunasvg/source/layoutcontext.cpp...

PYSEC-2024-281

lunasvg v2.3.9 was discovered to contain a stack-buffer-underflow at lunasvg/source/layoutcontext.cpp...

CVE-2024-33763

lunasvg v2.3.9 was discovered to contain a stack-buffer-underflow at lunasvg/source/layoutcontext.cpp...

CVE-2024-33763

lunasvg v2.3.9 was discovered to contain a stack-buffer-underflow at lunasvg/source/layoutcontext.cpp...

CVE-2024-33763

lunasvg v2.3.9 was discovered to contain a stack-buffer-underflow at lunasvg/source/layoutcontext.cpp...

CVE-2024-33763

CVE-2024-33763 affects lunasvg v2.3.9 with a stack-based buffer issue in lunasvg/source/layoutcontext.cpp. The SNYK entry describes a stack-based overflow due to improper buffer size validation, potentially enabling code execution or DoS. Remediation per the linked advisory is to upgrade to lunas...

OSV-2024-336 Stack-buffer-underflow in mkechar

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68343 Crash type: Stack-buffer-underflow READ 4 Crash state: mkechar sympartition ntod...

PT-2024-40721 · Git +1 · Flex

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided input. Description: The issue is related to a stack-buffer-underflow READ 4 crash type. The crash state involves functions such as mkechar, sympartition, and ntod. No information ...

OSV-2024-319 Stack-buffer-underflow in filter_apply_chain

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68328 Crash type: Stack-buffer-underflow READ 4 Crash state: filterapplychain filterapplychain initializeoutputfilters...

PT-2024-40711 · Git +1 · Flex

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-underflow read crash. The crash state includes functions such as filter apply chain and initialize output filters...

CVE-2024-26828

In the connected Tencent/TSSA advisory for CVE-2024-26828, the Linux kernel CIFS fix is described: the underflow in parse_server_interfaces() arises from comparing ssize_t bytes_left with size_t sizeof(), causing the loop to continue when bytes_left is negative. The remediation fixes this by corr...

CVE-2024-26828 cifs: fix underflow in parse_server_interfaces()

In the Linux kernel, the following vulnerability has been resolved: cifs: fix underflow in parseserverinterfaces In this loop, we step through the buffer and after each item we check if the sizeleft is greater than the minimum size we need. However, the problem is that "bytesleft" is type ssizet...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a parseserverinterfaces buffer underflow...

CVE-2023-34351

Buffer underflow in some IntelR PCM software before version 202307 may allow an unauthenticated user to potentially enable denial of service via network access...

CVE-2023-34351

Buffer underflow in some IntelR PCM software before version 202307 may allow an unauthenticated user to potentially enable denial of service via network access...

Buffer overflow

Buffer underflow in some IntelR PCM software before version 202307 may allow an unauthenticated user to potentially enable denial of service via network access...

CVE-2023-34351

Buffer underflow in some IntelR PCM software before version 202307 may allow an unauthenticated user to potentially enable denial of service via network access...

CVE-2023-34351

Buffer underflow in some IntelR PCM software before version 202307 may allow an unauthenticated user to potentially enable denial of service via network access...