xorg-x11-server: DeepCopyPointerClasses use-after-free leads to privilege elevation

A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo and ProcXkbGetDeviceInfo to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs...

[SECURITY] Fedora 36 Update: python-jupyter-core-4.9.1-3.fc36

Core common functionality of Jupyter projects. This package contains base application classes and configuration inherited by other projects...

OSV-2023-35 Heap-buffer-overflow in parse_classes_64

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=55451 Crash type: Heap-buffer-overflow READ 4 Crash state: parseclasses64 classes rbinobjectsetitems...

3 Lifehacks While Analyzing Orcus RAT in a Malware Sandbox

Orcus is a Remote Access Trojan with some distinctive characteristics. The RAT allows attackers to create plugins and offers a robust core feature set that makes it quite a dangerous malicious program in its class. RAT is quite a stable type that always makes it to the top. --- ANY.RUN's top...

The vulnerability of the scsi_ioctl function (drivers/scsi/scsi_ioctl.c) in the Linux operating system, which allows a hacker to increase their privileges

The vulnerability of the scsiioctl function drivers/scsi/scsiioctl.c in the Linux operating system is related to the improper handling of SCSI device classes during SCSI command authorization. Exploiting this vulnerability can allow an attacker to enhance their privileges...

GSD-2023-1001233 net: sched: disallow noqueue for qdisc classes

net: sched: disallow noqueue for qdisc classes This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.163 by commit...

PT-2023-10817 · Bigtree · Events Extension

Name of the Vulnerable Software and Affected Versions: Events Extension on BigTree affected versions not specified Description: A critical issue was found in the Events Extension, affecting the getRandomFeaturedEventByDate, getUpcomingFeaturedEventsInCategoriesWithSubcategories, recacheEvent, and...

Contextual Related Posts < 3.3.1 - Contributor+ Stored XSS

The plugin does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks 1. Insert a "Contextual Related Posts" block, and give ...

CVE-2021-32824 Regular expression Denial of Service in MooTools

Apache Dubbo is a java based, open source RPC framework. Versions prior to 2.6.10 and 2.7.10 are vulnerable to pre-auth remote code execution via arbitrary bean manipulation in the Telnet handler. The Dubbo main service port can be used to access a Telnet Handler which offers some basic methods t...

GHSA-8W5G-3WCV-9G2J Tensorflow vulnerable to Out-of-Bounds Read

Impact When the BaseCandidateSamplerOp function receives a value in trueclasses larger than rangemax, a heap oob vuln occurs. python tf.rawops.ThreadUnsafeUnigramCandidateSampler trueclasses=0x100000,1, numtrue = 2, numsampled = 2, unique = False, rangemax = 2, seed = 2, seed2 = 2 Patches We have...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read when the BaseCandidateSamplerOp function receives a value in trueclasses larger than rangemax. Remediation Upgrade tensorflow-lite to version 2.12.0 or higher. References - GitHub Commit - Vulnerable Code Credit: Yu...

AZL-11524 CVE-2022-41880 affecting package tensorflow for versions less than 2.11.0-1

TensorFlow is an open source platform for machine learning. When the BaseCandidateSamplerOp function receives a value in trueclasses larger than rangemax, a heap oob read occurs. We have patched the issue in GitHub commit b389f5c944cadfdfe599b3f1e4026e036f30d2d4. The fix will be included in...

PT-2022-26112 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.11 TensorFlow versions 2.10.1, 2.9.3, and 2.8.4 Description: The issue occurs when the BaseCandidateSamplerOp function receives a value in true classes larger than range max, resulting in a heap out-of-bounds...

CVE-2022-41880

TensorFlow is an open source platform for machine learning. When the BaseCandidateSamplerOp function receives a value in trueclasses larger than rangemax, a heap oob read occurs. We have patched the issue in GitHub commit b389f5c944cadfdfe599b3f1e4026e036f30d2d4. The fix will be included in...

ALSA-2022:7593 Moderate: python27:2.7 security update

Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. Security Fixes: python: mailcap: findmatch function does not sanitize the second argument CVE-2015-20107. For more details abo...

ROS-20221103-03

A vulnerability in the Apache Batik XML SVG graphics rendering, generation, and management library is related to the fact that, the application allows Java classes to be run via JavaScript. Exploitation of the vulnerability could allow an attacker acting remotely to use JavaScript to execute a Ja...

PT-2022-36722 · Git +1 · Radare2

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-buffer-overflow READ 1 crash has been reported. The crash involves the functions parse classes 64, classes, and r bin object set items. No...

PT-2022-36705 · Git +1 · Radare2

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-buffer-overflow READ 1 crash has been reported. The crash involves the functions parse classes 64, classes, and r bin object set items. No...

CVE-2022-39297 Deserialization of untrusted data in MelisCms

MelisCms provides a full CMS for Melis Platform, including templating system, drag'n'drop of plugins, SEO and many administration tools. Attackers can deserialize arbitrary data on affected versions of melisplatform/melis-cms, and ultimately leads to the execution of arbitrary PHP code on the...

CVE-2022-39298 Deserialization of untrusted data in MelisFront

MelisFront is the engine that displays website hosted on Melis Platform. It deals with showing pages, plugins, URL rewritting, search optimization and SEO, etc. Attackers can deserialize arbitrary data on affected versions of melisplatform/melis-front, and ultimately leads to the execution of...