PT-2023-31628 · Unknown +1 · Cats-Parse +1

Name of the Vulnerable Software and Affected Versions: Grackle versions prior to 0.18.0 Description: The issue arises from two stack overflow vulnerabilities in Grackle, a GraphQL server written in functional Scala. The first vulnerability occurs because Grackle did not check for cyclic fragments...

Heap overflow

When reading DesFire keys, the function that reads the card isn't properly checking the boundaries when copying internally the data received. This allows a heap based buffer overflow that could lead to a potential Remote Code Execution on the targeted device. This is especially problematic if you...

CVE-2023-33221 Heap Buffer Overflow when reading DESFire card

When reading DesFire keys, the function that reads the card isn't properly checking the boundaries when copying internally the data received. This allows a heap based buffer overflow that could lead to a potential Remote Code Execution on the targeted device. This is especially problematic if you...

CVE-2023-42799 Buffer overflow due to use of `strcpy` in `parseUrlAddrFromRtspUrlString`

Moonlight-common-c contains the core GameStream client code shared between Moonlight clients. Moonlight-common-c is vulnerable to buffer overflow starting in commit 50c0a51b10ecc5b3415ea78c21d96d679e2288f9 due to unmitigated usage of unsafe C functions and improper bounds checking. A malicious ga...

IBM i 代码问题漏洞

IBM i is a suite of operating systems from International Business Machines IBM running in IBM Power Systems and IBM PureSystems. An authorization issue vulnerability exists in IBM i Access Client Solutions that stems from improper privilege checking and can be exploited by an attacker to execute...

CVE-2023-42886

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.2, macOS Ventura 13.6.3, macOS Monterey 12.7.2. A user may be able to cause unexpected app termination or arbitrary code execution...

Cross site scripting

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.2, macOS Ventura 13.6.3, macOS Monterey 12.7.2. A user may be able to cause unexpected app termination or arbitrary code execution...

CVE-2023-42886

CVE-2023-42886 is an out-of-bounds read in Apple macOS components (notably CoreServices) that could lead to unexpected app termination or arbitrary code execution. Technical details across connected docs show a fix via improved bounds checking, with patches in macOS Sonoma 14.2, macOS Ventura 13....

Privilege escalation

Incorrect user role checking in multiple REST API endpoints in ProLion CryptoSpike 3.0.15P2 allows a remote attacker with low privileges to execute privileged functions and achieve privilege escalation via REST API endpoint invocation...

Ubuntu 20.04 LTS / 22.04 LTS / 23.04 : Netatalk vulnerability (USN-6552-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 host has a package installed that is affected by a vulnerability as referenced in the USN-6552-1 advisory. Florent Saudel and Arnaud Gatignol discovered that Netatalk incorrectly handled certain specially crafted Spotlight requests. A remote attacke...

Heap Buffer Overflow

GPAC is vulnerable to Heap Buffer Overflow. The vulnerability is due to improper bound checking via the str2ulong class in src/mediatools/avilib.c, resulting in Heap Buffer Overflow...

CVE-2023-36646

Incorrect user role checking in multiple REST API endpoints in ProLion CryptoSpike 3.0.15P2 allows a remote attacker with low privileges to execute privileged functions and achieve privilege escalation via REST API endpoint invocation...

The vulnerability of the Squid proxy server, related to insufficient checking of exclusive states, allows a hacker to trigger a service failure.

The vulnerability of the Squid proxy server is related to insufficient checking of exceptional states. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

apr security update

1.7.0-12 - fix integer bounds checking in aprencode Resolves: RHEL-17123...

macOS 13.x < 13.6.3 Multiple Vulnerabilities (HT214038)

The remote host is running a version of macOS / Mac OS X that is 13.x prior to 13.6.3. It is, therefore, affected by multiple vulnerabilities: - Buffer Overflow vulnerability in oneonemapping function in progs/dumpentry.c:1373 in ncurses 6.1 allows remote attackers to cause a denial of service vi...

CVE-2023-28527

IBM Informix Dynamic Server 12.10 and 14.10 cdr is vulnerable to a heap buffer overflow, caused by improper bounds checking which could allow a local user to cause a segmentation fault. IBM X-Force ID: 251206...

CVE-2023-28526

IBM Informix Dynamic Server 12.10 and 14.10 archecker is vulnerable to a heap buffer overflow, caused by improper bounds checking which could allow a local user to cause a segmentation fault. IBM X-Force ID: 251204...

CVE-2023-28526

IBM Informix Dynamic Server 12.10 and 14.10 archecker is vulnerable to a heap buffer overflow, caused by improper bounds checking which could allow a local user to cause a segmentation fault. IBM X-Force ID: 251204...

CVE-2023-28527

IBM Informix Dynamic Server 12.10 and 14.10 cdr is vulnerable to a heap buffer overflow, caused by improper bounds checking which could allow a local user to cause a segmentation fault. IBM X-Force ID: 251206...

CVE-2023-28523

IBM Informix Dynamic Server 12.10 and 14.10 onsmsync is vulnerable to a heap buffer overflow, caused by improper bounds checking which could allow an attacker to execute arbitrary code. IBM X-Force ID: 250753...