ALPINE-CVE-2022-23852

Expat aka libexpat before 2.4.4 has a signed integer overflow in XMLGetBuffer, for configurations with a nonzero XMLCONTEXTBYTES...

AZL-7835 CVE-2022-23852 affecting package expat for versions less than 2.4.8-1

Expat aka libexpat before 2.4.4 has a signed integer overflow in XMLGetBuffer, for configurations with a nonzero XMLCONTEXTBYTES...

UBUNTU-CVE-2022-23852

Expat aka libexpat before 2.4.4 has a signed integer overflow in XMLGetBuffer, for configurations with a nonzero XMLCONTEXTBYTES...

CVE-2022-23852

Expat aka libexpat before 2.4.4 has a signed integer overflow in XMLGetBuffer, for configurations with a nonzero XMLCONTEXTBYTES...

PT-2022-3811

Name of the Vulnerable Software and Affected Versions CentOS Web Panel versions prior to 0.9.8.1107 Description The issue is related to incorrect handling of code generation in CentOS Web Panel, allowing a remote attacker to execute arbitrary code using a specially crafted request. An...

The vulnerability in the implementation of the ntfs_get_attribute_value function of the NTFS file system driver for the FUSE NTFS-3G module allows a malicious actor to gain unauthorized access to protected information or cause service failures.

The vulnerability of the ntfsgetattributevalue function in the NTFS file system driver for the FUSE NTFS-3G module is related to an incorrect check of the bytesinuse value. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information or cause service...

GHSA-FF2R-XPWQ-6WHJ Use of Uninitialized Resource in gfx-auxil

Affected versions of this crate passes an uninitialized buffer to a user-provided Read implementation. Arbitrary Read implementations can read from the uninitialized buffer memory exposure and also can return incorrect number of bytes written to the buffer. Reading from uninitialized memory...

GHSA-5VWC-R48G-WJ6C Abomonation transmutes &T to and from &[u8] without sufficient constraints

An issue was discovered in the abomonation crate through version 0.7.3 for Rust. Because transmute operations are insufficiently constrained, there can be an information leak or ASLR bypass...

CVE-2021-45941

libbpf 0.6.0 and 0.6.1 has a heap-based buffer overflow 8 bytes in bpfobjectopen called from bpfobjectopenmem and bpf-object-fuzzer.c...

CVE-2021-45941

libbpf 0.6.0 and 0.6.1 has a heap-based buffer overflow 8 bytes in bpfobjectopen called from bpfobjectopenmem and bpf-object-fuzzer.c...

Heap overflow

libbpf 0.6.0 and 0.6.1 has a heap-based buffer overflow 4 bytes in bpfobjectopen called from bpfobjectopenmem and bpf-object-fuzzer.c...

PT-2025-8451

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been identified, specifically in the ASoC: SOF: ipc3-topology component. The issue arises when the sof get control data function is called with a...

CVE-2021-45911

An issue was discovered in gif2apng 1.9. There is a heap-based buffer overflow in the main function. It allows an attacker to write 2 bytes outside the boundaries of the buffer...

DEBIAN-CVE-2021-45911

An issue was discovered in gif2apng 1.9. There is a heap-based buffer overflow in the main function. It allows an attacker to write 2 bytes outside the boundaries of the buffer...

PT-2021-24315 · Gif2Apng +2 · Gif2Apng +2

Name of the Vulnerable Software and Affected Versions: gif2apng version 1.9 Description: An issue was discovered that allows a heap-based buffer overflow in the main function, enabling an attacker to write 2 bytes outside the boundaries of the buffer. Recommendations: For gif2apng version 1.9, at...

RLSA-2021:5236 Moderate: postgresql:13 security update

PostgreSQL is an advanced object-relational database management system DBMS. The following packages have been upgraded to a later upstream version: postgresql 13.5. Security Fixes: postgresql: memory disclosure in certain queries CVE-2021-3677 postgresql: server processes unencrypted bytes from...

ALSA-2021:5236 Moderate: postgresql:13 security update

PostgreSQL is an advanced object-relational database management system DBMS. The following packages have been upgraded to a later upstream version: postgresql 13.5. Security Fixes: postgresql: memory disclosure in certain queries CVE-2021-3677 postgresql: server processes unencrypted bytes from...

RLSA-2021:5235 Moderate: postgresql:12 security update

PostgreSQL is an advanced object-relational database management system DBMS. The following packages have been upgraded to a later upstream version: postgresql 12.9. Security Fixes: postgresql: memory disclosure in certain queries CVE-2021-3677 postgresql: server processes unencrypted bytes from...

Moderate: postgresql:12 security update

PostgreSQL is an advanced object-relational database management system DBMS. The following packages have been upgraded to a later upstream version: postgresql 12.9. Security Fixes: postgresql: memory disclosure in certain queries CVE-2021-3677 postgresql: server processes unencrypted bytes from...

Moderate: Red Hat Security Advisory: rh-postgresql13-postgresql security update

An update for rh-postgresql13-postgresql is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...