UBUNTU-CVE-2023-1078

A flaw was found in the Linux Kernel in RDS Reliable Datagram Sockets protocol. The rdsrmzerocopycallback uses listentry on the head of a list causing a type confusion. Local user can trigger this with rdsmessageput. Type confusion leads to struct rdsmsgzcopyinfo info actually points to something...

SUSE CVE-2023-1078

A flaw was found in the Linux Kernel in RDS Reliable Datagram Sockets protocol. The rdsrmzerocopycallback uses listentry on the head of a list causing a type confusion. Local user can trigger this with rdsmessageput. Type confusion leads to struct rdsmsgzcopyinfo info actually points to something...

CVE-2023-24810 Cross site scripting (XSS) vulnerability using authentication callback in Misskey

Misskey is an open source, decentralized social media platform. Due to insufficient validation of the redirect URL during miauth authentication in Misskey, arbitrary JavaScript can be executed when a user allows the link. All versions below 13.3.1 including 12.x are affected. This has been fixed ...

K95432245: PHP vulnerability CVE-2016-5768

Security Advisory Description Double free vulnerability in the phpmbregexeregreplaceexec function in phpmbregex.c in the mbstring extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to execute arbitrary code or cause a denial of service application...

SUSE CVE-2005-2263

The InstallTrigger.install method in Firefox before 1.0.5 and Mozilla before 1.7.9 allows remote attackers to execute a callback function in the context of another domain by forcing a page navigation after the install method has been called, which causes the callback to be run in the context of t...

SUSE CVE-2007-6682

Format string vulnerability in the httpdFileCallBack function network/httpd.c in VideoLAN VLC 0.8.6d allows remote attackers to execute arbitrary code via format string specifiers in the Connection parameter...

SUSE CVE-2008-1318

Unspecified vulnerability in MediaWiki 1.11 before 1.11.2 allows remote attackers to obtain sensitive "cross-site" information via the callback parameter in an API call for JavaScript Object Notation JSON formatted results...

SUSE CVE-2010-0734

contentencoding.c in libcurl 7.10.5 through 7.19.7, when zlib is enabled, does not properly restrict the amount of callback data sent to an application that requests automatic decompression, which might allow remote attackers to cause a denial of service application crash or have unspecified othe...

SUSE CVE-2010-1527

Stack-based buffer overflow in Novell iPrint Client before 5.44 allows remote attackers to execute arbitrary code via a long call-back-url parameter in an op-client-interface-version action...

SUSE CVE-2010-4261

Off-by-one error in the iconcb function in peicons.c in libclamav in ClamAV before 0.96.5 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unspecified vectors. NOTE: some of these details are obtained from third...

SUSE CVE-2011-2363

Use-after-free vulnerability in the nsSVGPointList::AppendElement function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service application crash or possibly execut...

SUSE CVE-2012-2369

Format string vulnerability in the logmessagecb function in otr-plugin.c in the Off-the-Record Messaging OTR pidgin-otr plugin before 3.2.1 for Pidgin might allow remote attackers to execute arbitrary code via format string specifiers in data that generates a log message...

SUSE CVE-2013-1860

Heap-based buffer overflow in the wdmincallback function in drivers/usb/class/cdc-wdm.c in the Linux kernel before 3.8.4 allows physically proximate attackers to cause a denial of service system crash or possibly execute arbitrary code via a crafted cdc-wdm USB device...

SUSE CVE-2013-2921

Double free vulnerability in the ResourceFetcher::didLoadResource function in core/fetch/ResourceFetcher.cpp in the resource loader in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering...

SUSE CVE-2013-7490

An issue was discovered in the DBI module before 1.632 for Perl. Using many arguments to methods for Callbacks may lead to memory corruption...

SUSE CVE-2014-3193

The SessionService::GetLastSession function in browser/sessions/sessionservice.cc in Google Chrome before 38.0.2125.101 allows remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via vectors that leverage "type confusion" for callback processing...

SUSE CVE-2014-9732

The cabdextract function in cabd.c in libmspack before 0.5 does not properly maintain decompression callbacks in certain cases where an invalid file follows a valid file, which allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted CAB...

SUSE CVE-2015-6757

Use-after-free vulnerability in content/browser/serviceworker/embeddedworkerinstance.cc in the ServiceWorker implementation in Google Chrome before 46.0.2490.71 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging object destruction in a...

SUSE CVE-2015-6767

Use-after-free vulnerability in content/browser/appcache/appcachedispatcherhost.cc in the AppCache implementation in Google Chrome before 47.0.2526.73 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect pointer maintenance...

SUSE CVE-2015-8615

The hvmsetcallbackvia function in arch/x86/hvm/irq.c in Xen 4.6 does not limit the number of printk console messages when logging the new callback method, which allows local HVM guest OS users to cause a denial of service via a large number of changes to the callback method HVMPARAMCALLBACKIRQ...