USN-8268-1: Dnsmasq vulnerabilities

Andrew S. Fasano, Royce M, and Hugo Martinez Ray discovered that Dnsmasq did not allocate the necessary space to store domain names in some contexts. An attacker could possibly use this issue to write out-of-bounds, and could cause a denial of service or execute arbitrary code. CVE-2026-2291 Royc...

EUVD-2018-10229

Malware in sbrugna...

rust-openssl: rust openssl ssl::select_next_proto use after free

A flaw was found in the rust-openssl package. In certain versions, ssl::selectnextproto can return a slice pointing into the server argument's buffer but with a lifetime bound to the client argument. In situations where the sever buffer's lifetime is shorter than the client buffer's, this can cau...

rust-openssl: rust openssl ssl::select_next_proto use after free

A flaw was found in the rust-openssl package. In certain versions, ssl::selectnextproto can return a slice pointing into the server argument's buffer but with a lifetime bound to the client argument. In situations where the sever buffer's lifetime is shorter than the client buffer's, this can cau...

CVE-2025-24898

rust-openssl is a set of OpenSSL bindings for the Rust programming language. In affected versions ssl::selectnextproto can return a slice pointing into the server argument's buffer but with a lifetime bound to the client argument. In situations where the sever buffer's lifetime is shorter than th...

CVE-2025-24898

CVE-2025-24898 affects rust-openssl: ssl::select_next_proto can return a slice tied to the server buffer with a lifetime bound to the client, enabling a use-after-free if the server buffer’s lifetime is shorter. The Debian LTS advisory notes a fix in rust-openssl 0.10.29-1+deb11u1, addressing the...

rust-openssl ssl::select_next_proto use after free

Impact ssl::selectnextproto can return a slice pointing into the server argument's buffer but with a lifetime bound to the client argument. In situations where the server buffer's lifetime is shorter than the client buffer's, this can cause a use after free. This could cause the server to crash o...

[SECURITY] Fedora 41 Update: znc-clientbuffer-0-0.28.20190129git9766a4a.fc41

The client buffer module maintains client specific buffers for identified clients...

CVE-2024-42275

In CVE-2024-42275, the Linux kernel’s drm/client path fixes an error code in drm_client_buffer_vmap_local() that previously returned success on a failure path, causing locking issues and an uninitialized map_copy in the caller. The vulnerability is resolved by the upstream kernel fix. No exploits...

CVE-2024-42275 drm/client: Fix error code in drm_client_buffer_vmap_local()

In the Linux kernel, the following vulnerability has been resolved: drm/client: Fix error code in drmclientbuffervmaplocal This function accidentally returns zero/success on the failure path. It leads to locking issues and an uninitialized mapcopy in the caller...

ALPINE-CVE-2024-1931

NLnet Labs Unbound version 1.18.0 up to and including version 1.19.1 contain a vulnerability that can cause denial of service by a certain code path that can lead to an infinite loop. Unbound 1.18.0 introduced a feature that removes EDE records from responses with size higher than the client's...

Updated epiphany packages fix security vulnerability

In GNOME Epiphany before 41.4 and 42.x before 42.2, an HTML document can trigger a client buffer overflow in ephystringshorten in the UI process via a long page title. The issue occurs because the number of bytes for a UTF-8 ellipsis character is not properly considered. CVE-2022-29536...

Buffer overflow

In GNOME Epiphany before 41.4 and 42.x before 42.2, an HTML document can trigger a client buffer overflow in ephystringshorten in the UI process via a long page title. The issue occurs because the number of bytes for a UTF-8 ellipsis character is not properly considered...

CVE-2022-29536

In GNOME Epiphany before 41.4 and 42.x before 42.2, an HTML document can trigger a client buffer overflow in ephystringshorten in the UI process via a long page title. The issue occurs because the number of bytes for a UTF-8 ellipsis character is not properly considered...

Out-of-bounds (OOB) Read

firefox:trusty is vulnerable to out-of-bounds read. It can occur when the buffer of a texture client is freed while it is still in use during graphic operations. This results is a potentially exploitable crash and the possibility of reading from the memory of the freed buffers...

UBUNTU-CVE-2018-18504

A crash and out-of-bounds read can occur when the buffer of a texture client is freed while it is still in use during graphic operations. This results is a potentially exploitable crash and the possibility of reading from the memory of the freed buffers. This vulnerability affects Firefox 65...

mozilla -- multiple vulnerabilities

Mozilla Foundation reports: CVE-2018-18500: Use-after-free parsing HTML5 stream CVE-2018-18503: Memory corruption with Audio Buffer CVE-2018-18504: Memory corruption and out-of-bounds read of texture client buffer CVE-2018-18505: Privilege escalation through IPC channel messages CVE-2018-18506:...

RedHat Update for libsoup RHSA-2017:2459-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Xlink FTP Client Buffer Overflow

No description provided by source. $Id: xlinkclient.rb 10998 2010-11-11 22:43:22Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

[SECURITY] [DSA 2736-1] putty security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2736-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso August 11, 2013 http://www.debian.org/security/faq -...