16929 matches found
Astra Linux – Vulnerability in glibc
A out-of-bounds write vulnerability was discovered in glibc before version 2.31, when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution...
Astra Linux – Vulnerability in librabbitmq
A vulnerability was discovered in the C AMQP client library also known as rabbitmq-c for RabbitMQ in versions up to 0.13.0. credentials can only be entered via the command line e.g., for amqp-publish or amqp-consume, and therefore they are visible to local attackers who can list processes along...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: libceph: fixed invalid accesses to cephconnectionv1info. There is a place where generic code in messenger.c reads from certain fields, and another place where it writes to members of the con-v1 union without checking that those...
Astra Linux – Vulnerability in glibc
The deprecated compatibility function svcunixcreate in the sunrpc module of the GNU C Library aka glibc from version 2.34 onwards copies the path argument onto the stack without validating its length. This may lead to a buffer overflow, potentially causing a denial of service or, if the applicati...
Astra Linux – Vulnerability in glibc
The iconv function in the GNU C Library also known as glibc or libc6 versions 2.32 and earlier, when processing invalid multi-byte input sequences in encodings such as IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399, fails to advance the input state properly. This can lead to an infinite loop in...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: mlxsw: spectrumaclerp: Fixed object nesting warnings ACLs in Spectrum-2 and newer ASICs can reside in the algorithmic TCAM A-TCAM or in the ordinary circuit TCAM C-TCAM. The former can contain more ACLs i.e., tc filters, but t...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: do not index invalid pin Assignments A poorly implemented DisplayPort Alt Mode port partner may indicate that its pin assignment capabilities exceed the maximum value, DPPINASSIGNF. In this case,...
Astra Linux – Vulnerability in glibc
A flaw has been identified in glibc. In a rare situation, the gaihinet function may use memory that has already been freed, leading to an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with...
Astra Linux – Vulnerability in glibc
The deprecated compatibility function clntcreate in the sunrpc module of the GNU C Library also known as glibc from versions up to 2.34 copies its hostname argument onto the stack without validating its length. This may lead to a buffer overflow, potentially causing a denial of service or, if the...
Astra Linux – Vulnerability in glibc
NSCD: The NetGroup Cache may terminate the daemon due to a memory allocation failure. The NetGroup Cache Daemon’s NSCD netgroup cache uses xmalloc or xrealloc, and these functions may terminate the process due to a memory allocation failure, resulting in a denial of service for clients. This flaw...
Astra Linux – Vulnerability in binutils
“findabstractinstance” in dwarf2.c, located in the Binary File Descriptor BFD library also known as libbfd, as part of GNU Binutils 2.32, allows remote attackers to cause a denial of service infinite recursion and application crash through a crafted ELF file...
Malicious code in node-slot (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d71bcdec983467ab6a47b538e524abc1cdafc98b411761bffb375be17d72009 On npm install, package.json's postinstall hook executes node test.js which invokes code in index.js that performs two distinct attacks on the...
PT-2026-51088
Name of the Vulnerable Software and Affected Versions Oj versions prior to 3.17.2 Description Oj is a JSON parser and Object marshaller for Ruby. A Use-After-Free issue exists when using the Oj::Parser in SAJ mode. The parser fails to protect cached object keys of 35 bytes or more from garbage...
PT-2026-51083
Name of the Vulnerable Software and Affected Versions Oj versions prior to 3.17.2 Description Oj::Doc iterators each value, each child, each leaf are subject to a heap use-after-free. This occurs when a Ruby block yielded during iteration calls doc.close or d.close, causing the document's heap...
binary-exploitation-labs
Binary Exploitation & Reverse Engineering Labs Hands-on labs...
aiohttp: C HTTP Parser Bypasses max_line_size for Fragmented Lines
Summary It is possible to bypass the maxlinesize check in parts of an HTTP request in the C parser. Impact If using the optimised C parser the default in pre-built wheels, then an attacker may be able to send oversized lines through the HTTP parser and use an excessive amount of memory, potential...
GHSA-63HW-FMQ6-XXG2 aiohttp: C HTTP Parser Bypasses max_line_size for Fragmented Lines
Summary It is possible to bypass the maxlinesize check in parts of an HTTP request in the C parser. Impact If using the optimised C parser the default in pre-built wheels, then an attacker may be able to send oversized lines through the HTTP parser and use an excessive amount of memory, potential...
Security Bulletin: IBM Sterling Connect:Direct Web Services is Affected by command injection.
Summary glob-10.4.5.tgz is used by IBM Sterling Connect:Direct Web Services CVE-2025-64756. Vulnerability Details CVEID:CVE-2025-64756 DESCRIPTION: Glob matches files using patterns the shell uses. Starting in version 10.2.0 and prior to versions 10.5.0 and 11.1.0, the glob CLI contains a command...
CVE-2025-55641
A NULL pointer dereference in the gfisomcopysampleinfo function isomedia/isomwrite.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...
PT-2026-49591
Name of the Vulnerable Software and Affected Versions AIOHTTP versions prior to 3.14.1 Description An issue exists in the C parser of the asynchronous HTTP client/server framework where the max line size check can be bypassed in parts of an HTTP request. When using the optimized C parser, which i...