CVE-2020-12837

ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading images to garage doors. The magic bytes of PNG must be used...

DEBIAN-CVE-2020-8252

The implementation of realpath in libuv 10.22.1, 12.18.4, and 14.9.0 used within Node.js incorrectly determined the buffer size which can result in a buffer overflow if the resolved path is longer than 256 bytes...

DEBIAN-CVE-2020-25576

An issue was discovered in the randcore crate before 0.4.2 for Rust. Casting of byte slices to integer slices mishandles alignment constraints...

UBUNTU-CVE-2020-25576

An issue was discovered in the randcore crate before 0.4.2 for Rust. Casting of byte slices to integer slices mishandles alignment constraints...

GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. The earliest affected version is 3.6.3 (2018-07-16) because of an error in a 2017-10-06 commit. The DTLS client always uses 32 '\0' bytes instead of a random value and thus contributes no randomness to a DTLS negotiation. This breaks the security guarantees of the DTLS protocol.

...

golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs

A flaw was found in the Go encoding/binary package. Certain invalid inputs to the ReadUvarint or the ReadVarint causes those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This flaw possibly leads to processing more input than expected. The...

Medium: python-rsa

Issue Overview: Python-RSA before 4.1 ignores leading '\0' bytes during decryption of ciphertext. This could conceivably have a security-relevant impact, e.g., by helping an attacker to infer that an application uses Python-RSA, or if the length of accepted ciphertext affects application behavior...

Huawei EulerOS: Security Advisory for python-rsa (EulerOS-SA-2020-1878)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DEBIAN-CVE-2020-25016

A safety violation was discovered in the rgb crate before 0.8.20 for Rust, leading to for example dereferencing of arbitrary pointers or disclosure of uninitialized memory. This occurs because structs can be treated as bytes for read and write operations...

CVE-2020-25016

A safety violation was discovered in the rgb crate before 0.8.20 for Rust, leading to for example dereferencing of arbitrary pointers or disclosure of uninitialized memory. This occurs because structs can be treated as bytes for read and write operations...

UBUNTU-CVE-2020-25016

A safety violation was discovered in the rgb crate before 0.8.20 for Rust, leading to for example dereferencing of arbitrary pointers or disclosure of uninitialized memory. This occurs because structs can be treated as bytes for read and write operations...

EulerOS 2.0 SP8 : python-rsa (EulerOS-SA-2020-1878)

According to the version of the python-rsa packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Python-RSA before 4.1 ignores leading '\0' bytes during decryption of ciphertext. This could conceivably have a security-relevant impact, e.g.,...

GNU Bison Post-Release Reuse Vulnerability

GNU Bison is free software for the automatic generation of syntax parser programs. A post-release reuse vulnerability exists in GNU Bison 3.7. A local attacker can cause a system crash by exploiting this vulnerability via a specially crafted input file containing NULL bytes...

Linux/x86 execve /bin/sh Shellcode (10 bytes)

Exploit Title: Linux/x86 - execve "/bin/sh" 10 bytes Google Dork: None Exploit Author: cybersaki Vendor Homepage: None Software Link: None Version: None Tested on: Kali linux 2020.2a i386 x86 CVE : none Shellcode-length : 10 SLAE-id : Purchased | email protected Reference :...

MGASA-2020-0325 Updated golang packages fix security vulnerability

Servers where the Handler concurrently reads the request body and writes a response can encounter a data race and crash. The httputil.ReverseProxy Handler is affected CVE-2020-15586. Certain invalid inputs to ReadUvarint or ReadVarint could cause those functions to read an unlimited number of byt...

The vulnerability of the s390/s390x memory controller component in Linux operating systems allows attackers to disclose sensitive information that should be protected.

The vulnerability of the s390/s390x memory controller component in Linux operating systems is related to incorrect handling of zero bytes or Nul characters during data exchange. Exploiting this vulnerability can allow an attacker to disclose sensitive information that is protected by security...

go -- encoding/binary: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs

The Go project reports: Certain invalid inputs to ReadUvarint or ReadVarint could cause those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This could lead to processing more input than expected when the caller is reading directly from the...

GHSA-VH7M-P724-62C2 Signature Malleabillity in elliptic

The Elliptic package before version 6.5.3 for Node.js allows ECDSA signature malleability via variations in encoding, leading '\0' bytes, or integer overflows. This could conceivably have a security-relevant impact if an application relied on a single canonical signature...

Buffer overflow

RIOT 2020.04 has a buffer overflow in the base64 decoder. The decoding function base64decode uses an output buffer estimation function to compute the required buffer capacity and validate against the provided buffer size. The base64estimatedecodesize function calculates the expected decoded size...

DEBIAN-CVE-2020-4067

In coturn before version 4.5.1.3, there is an issue whereby STUN/TURN response buffer is not initialized properly. There is a leak of information between different client connections. One client an attacker could use their connection to intelligently query coturn to get interesting bytes in the...