7652 matches found
Mattermost 安全漏洞
Mattermost is an open source collaboration platform from the US-based company Mattermost. Mattermost suffers from a security vulnerability that stems from a lack of privilege checking, which an attacker could utilize to list and view other teams' scripts...
CVE-2022-32830
CVE-2022-32830 is an out-of-bounds read vulnerability in ImageIO affecting tvOS/iOS/iPadOS up to version 15.6; exploitation through processing a malicious image could disclose user information. Other Apple components listed in tvOS 15.6/ iOS 15.6/ iPadOS 15.6 have separate CVEs. Remediation: upda...
CVE-2022-32830
An out-of-bounds read issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.6, iOS 15.6 and iPadOS 15.6. Processing a maliciously crafted image may lead to disclosure of user information...
CVE-2022-32830
An out-of-bounds read issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.6, iOS 15.6 and iPadOS 15.6. Processing a maliciously crafted image may lead to disclosure of user information...
ALPINE-CVE-2022-4203
A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate...
Buffer overflow
A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate...
CVE-2022-4203
A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate...
SUSE SLES15 / openSUSE 15 Security Update : openssl-1_1-livepatches (SUSE-SU-2023:0482-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:0482-1 advisory. - CVE-2023-0286: Fixed X.400 address type confusion in X.509 GeneralName via livepatch bsc1207533. Tenable has extracted the preceding...
Debian: Security Advisory (DLA-3340-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3340-1] libgit2 security update
Debian LTS Advisory DLA-3340-1 [email protected] https://www.debian.org/lts/security/ Tobias Frost February 23, 2023 https://wiki.debian.org/LTS Package : libgit2 Version : 0.27.7+dfsg.1-0.2+deb10u1 CVE ID : CVE-2020-12278 CVE-2020-12279 CVE-2023-22742 Debian Bug : 1029368 A vulnerabili...
Design/Logic Flaw
A vulnerability in the Link Layer Discovery Protocol LLDP feature for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure ACI Mode could allow an unauthenticated, adjacent attacker to cause a memory leak, which could result in an unexpected reload of the device. This...
CVE-2023-20089 Cisco Nexus 9000 Series Fabric Switches in ACI Mode Link Layer Discovery Protocol Memory Leak Denial of Service Vulnerability
A vulnerability in the Link Layer Discovery Protocol LLDP feature for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure ACI Mode could allow an unauthenticated, adjacent attacker to cause a memory leak, which could result in an unexpected reload of the device. This...
PT-2023-2185 · Wasmtime · Wasmtime
Name of the Vulnerable Software and Affected Versions: wasmtime versions prior to 4.0.1 wasmtime versions prior to 5.0.1 wasmtime versions prior to 6.0.1 Description: The issue is related to a bug in the Cranelift code generator of wasmtime, which mistakenly calculates a 35-bit effective address...
Cisco Nexus 9000 Series Fabric Switches in ACI Mode Link Layer Discovery Protocol Memory Leak Denial of Service Vulnerability
A vulnerability in the Link Layer Discovery Protocol LLDP feature for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure ACI Mode could allow an unauthenticated, adjacent attacker to cause a memory leak, which could result in an unexpected reload of the device. This...
K8924: Linux kernel vulnerability CVE-2007-3843
Security Advisory Description Note : Versions that are not listed in this Solution have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the ...
K16984: PCRE library vulnerability CVE-2015-2326
Security Advisory Description PCRE library is prone to a vulnerability which leads to Heap overflow. Without enough bound checking inside pcrecompile2, the heap memory could be overflowed via a crafted regular expression. Since PCRE library is widely used, this vulnerability should affect many...
K16983: PCRE library vulnerability CVE-2015-2325
Security Advisory Description PCRE library is prone to a heap overflow vulnerability. Due to insufficient bounds checking inside compilebranch, the heap memory could be overflowed via a crafted regular expression. Since PCRE library is widely used, this vulnerability should affect many applicatio...
K22715344: PolicyKit vulnerability CVE-2019-6133
Security Advisory Description In PolicyKit aka polkit 0.115, the "start time" protection mechanism can be bypassed because fork is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c...
K31434612: BSD link_ntoa vulnerability CVE-2016-6559
Security Advisory Description Improper bounds checking of the obuf variable in the linkntoa function in linkaddr.c of the BSD libc library may allow an attacker to read or write from memory. The full impact and severity depends on the method of exploit and how the library is used by applications...
K22113693: Linux kernel vulnerability CVE-2021-42739
Security Advisory Description The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avccapmt mishandles bounds checking. CVE-2021-42739 Impact There is no impact; F5 product...