7644 matches found

CNVD
added 2024/03/14 12:0 a.m. (17 views)

Moodle Denial of Service Vulnerability (CNVD-2024-13538)

Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. A denial-of-service vulnerability exists in Moodle, which stems from insufficient file size checking, and can be exploited by an attack...

CVSS 7.5, AI score 6.6, EPSS 0.00944
Exploits 0, References 1
CNVD
added 2024/03/14 12:0 a.m. (10 views)

Google Android Information Disclosure Vulnerability (CNVD-2024-24392)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability due to a lack of permission checking in several features of healthconnect. The vulnerability can be exploited by an attacker to obtain sensitive informatio...

CVSS 6.2, AI score 6.1, EPSS 0.00103
Exploits 0, References 1
Tenable Nessus
added 2024/03/14 12:0 a.m. (15 views)

Fedora 38 : rust-routinator (2024-28a151028a)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-28a151028a advisory. From the changelog: Fix the RTR listener so that Routinator won't exit if an incoming RTR connection is closed again too quickly. 937, reported by Yohei Nishimura...

CVSS 7.5, AI score 7.4, EPSS 0.01004
Exploits 0, References 2
OpenVAS
added 2024/03/14 12:0 a.m. (12 views)

Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2024-1392)

The remote host is missing an update for the Huawei EulerOS...

CVSS 5.3, AI score 6.3, EPSS 0.04459
Exploits 0, References 2
Veracode
added 2024/03/11 6:2 a.m. (27 views)

Denial Of Service (DoS)

JWX is vulnerable to Denial of Service (DoS). The vulnerability is caused by improper checking of the decompressed data size, allowing an attacker to craft a malicious input with an exceptionally high compression ratio, leading to a Denial of Service (DoS) condition by consuming excessive memory...

CVSS 6.8, AI score 6.5, EPSS 0.0057
Exploits 1, References 5, Affected Software 1
CNNVD
added 2024/03/11 12:0 a.m. (3 views)

National Instruments LabVIEW Security Vulnerability

National Instruments LabVIEW (NI LabVIEW) is a graphical program compilation platform from National Instruments. A security vulnerability exists in National Instruments LabVIEW that stems from a lack of boundary checking, which results in out-of-bounds writes. An attacker could exploit the...

CVSS 7.8, AI score 6.9, EPSS 0.00604
Exploits 0, References 2
CNNVD
added 2024/03/11 12:0 a.m. (2 views)

Google Pixel Security Breach

Google Pixel is a smartphone from Google, Inc. in the United States. A security vulnerability exists in Google Pixel, which stems from a lack of bounds checking in the initdata method of the TBD module, which may result in out-of-bounds writes...

CVSS 7.8, AI score 6.8, EPSS 0.00104
Exploits 0, References 3
CNNVD
added 2024/03/11 12:0 a.m. (2 views)

Google Pixel Security Breach

Google Pixel is a smartphone from Google, Inc. in the United States. A security vulnerability exists in Google Pixel, which stems from a lack of bounds checking in the initdata method of the TBD module, which may result in out-of-bounds writes...

CVSS 7.1, AI score 6.8, EPSS 0.00086
Exploits 0, References 3
CNNVD
added 2024/03/11 12:0 a.m. (5 views)

Google Pixel Security Breach

Google Pixel is a smartphone from Google, Inc. in the United States. A security vulnerability exists in Google Pixel, which stems from a lack of bounds checking in the bigounlockedioctl method of the bigo.c file, which may result in a use-after-free...

CVSS 8.4, AI score 6.7, EPSS 0.0009
Exploits 0, References 3
CNNVD
added 2024/03/11 12:0 a.m. (3 views)

National Instruments LabVIEW Security Vulnerability

National Instruments LabVIEW (NI LabVIEW) is a graphical program compilation platform from National Instruments. A security vulnerability exists in National Instruments LabVIEW that stems from a lack of boundary checking, which results in out-of-bounds writes. An attacker could exploit the...

CVSS 7.8, AI score 6.9, EPSS 0.00591
Exploits 0, References 2
OpenVAS
added 2024/03/08 12:0 a.m. (15 views)

Fedora: Security Advisory for rsyntaxtextarea (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the...

CVSS 8.8, AI score 9.2, EPSS 0.02557
Exploits 3, References 2
Fedora
added 2024/03/07 10:33 p.m. (28 views)

[SECURITY] Fedora 40 Update: rsyntaxtextarea-3.1.3-11.fc40

RSyntaxTextArea is a customizable, syntax highlighting text component for Java Swing applications. Out of the box, it supports syntax highlighting for 40+ programming languages, code folding, search and replace, and has add-on libraries for code completion and spell checking. Syntax highlighting...

CVSS 8.8, AI score 9.1, EPSS 0.02557
Exploits 3
Veracode
added 2024/03/07 5:32 a.m. (12 views)

Denial Of Service (DOS)

pocketmine/pocketmine-mp is vulnerable to Denial Of Service. The vulnerability is due to a lack of bounds checking when accessing inventory slots while calling function BaseInventory-getItem. This leads to an unhandled exception and potentially leads to Denial of service via malformed...

AI score 7
Exploits 0
OSV
added 2024/03/06 11:14 a.m. (14 views)

BIT-TENSORFLOW-2022-23592 Out of bounds read in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. TensorFlow's type inference can cause a heap out of bounds read as the bounds checking is done in a DCHECK which is a no-op during production. An attacker can control the inputidx variable such that ix would be larger than the number of...

CVSS 8.1, AI score 7.8, EPSS 0.00858
Exploits 1, References 4
OSV
added 2024/03/06 10:55 a.m. (31 views)

BIT-ENVOY-2022-29224 Segmentation fault leading to crash in Envoy

Envoy is a cloud-native high-performance proxy. Versions of Envoy prior to 1.22.1 are subject to a segmentation fault in the GrpcHealthCheckerImpl. Envoy can perform various types of upstream health checking. One of them uses gRPC. Envoy also has a feature which can “hold” (prevent removal) upstrea...

CVSS 5.9, AI score 7.1, EPSS 0.00948
Exploits 0, References 3
CNNVD
added 2024/03/06 12:0 a.m. (3 views)

Sulu Security Breach

Sulu is an extensible, PHP-based open source content management system built on the Symfony framework, from Sulu, Austria. A security vulnerability exists in Sulu versions from 2.2.0 to before 2.5.13, which stems from the ability to grant access to a page regardless of the permissions of a role in a...

CVSS 8.1, AI score 6.6, EPSS 0.0045
Exploits 0, References 3
CNNVD
added 2024/03/06 12:0 a.m. (3 views)

Jenkins Subversion Partial Release Manager Plugin Security Vulnerability

Jenkins and Jenkins Plugin are both open source products from Jenkins. Jenkins is an open source automation server that provides hundreds of plugins to support building, deploying and automating any project. Jenkins Plugin is a software application. A security vulnerability...

CVSS 4.3, AI score 6.6, EPSS 0.00495
Exploits 0, References 3
OpenVAS
added 2024/03/06 12:0 a.m. (30 views)

Ubuntu: Security Advisory (USN-6678-1)

The remote host is missing an update for the...

CVSS 9.8, AI score 8, EPSS 0.0511
Exploits 0, References 2
Ubuntu
added 2024/03/05 6:46 p.m. (45 views)

USN-6678-1: libgit2 vulnerabilities

It was discovered that libgit2 mishandled equivalent filenames on NTFS partitions. If a user or automated system were tricked into cloning a specially crafted repository, an attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.0...

CVSS 9.8, AI score 7.5, EPSS 0.0511
Exploits 0
Vulnrichment
added 2024/03/05 4:43 p.m. (14 views)

CVE-2024-27931 Insufficient permission checking in `Deno.makeTemp*` APIs

Deno is a JavaScript, TypeScript, and WebAssembly runtime with secure defaults. Insufficient validation of parameters in Deno.makeTemp APIs would allow for creation of files outside of the allowed directories. This may allow the user to overwrite important files on the system that may affect othe...

CVSS 5.8, AI score 6.7, EPSS 0.00491
Exploits 1, References 1