CVE-2021-47214

In the Linux kernel, the following vulnerability has been resolved: hugetlb, userfaultfd: fix reservation restore on userfaultfd error Currently in the iscontinue case in hugetlbmcopyatomicpte, if we bail out using "goto outreleaseunlock;" in the cases where idx = size, or !hugeptenone, the code...

CVE-2023-31347

Due to a code bug in SecureTSC, SEV firmware may allow an attacker with high privileges to cause a guest to observe an incorrect TSC when Secure TSC is enabled potentially resulting in a loss of guest integrity...

Design/Logic Flaw

Due to a code bug in SecureTSC, SEV firmware may allow an attacker with high privileges to cause a guest to observe an incorrect TSC when Secure TSC is enabled potentially resulting in a loss of guest integrity...

CVE-2023-31347

Due to a code bug in SecureTSC, SEV firmware may allow an attacker with high privileges to cause a guest to observe an incorrect TSC when Secure TSC is enabled potentially resulting in a loss of guest integrity...

CVE-2023-31347

Due to a code bug in SecureTSC, SEV firmware may allow an attacker with high privileges to cause a guest to observe an incorrect TSC when Secure TSC is enabled potentially resulting in a loss of guest integrity...

CVE-2023-31347

CVE-2023-31347 stems from a code bug in Secure_TSC used by SEV firmware, potentially allowing a high-privilege attacker to cause a guest to observe an incorrect TSC, risking guest integrity. Affected: AMD SEV/SEV-SNP firmware; impact: loss of guest integrity with no disclosed remote code executio...

CVE-2023-45286

A race condition in go-resty can result in HTTP request body disclosure across requests. This condition can be triggered by calling sync.Pool.Put with the same bytes.Buffer more than once, when request retries are enabled and a retry occurs. The call to sync.Pool.Get will then return a bytes.Buff...

CVE-2023-29583

yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the function parseexpr5 at /nasm/nasm-parse.c. Note: This has been disputed by third parties who argue this is a bug and not a security issue because yasm is a standalone program not designed to run untrusted code...

Google Pixel 安全漏洞

Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from a security vulnerability that stems from a logic error in the code that may fail to truncate images...

SUSE CVE-2017-9242

The ip6appenddata function in net/ipv6/ip6output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service system crash via crafted system calls...

SUSE CVE-2017-13044

The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv4print...

SUSE CVE-2021-33815

dwauncompress in libavcodec/exr.c in FFmpeg 4.4 allows an out-of-bounds array access because dccount is not strictly checked...

Unable To Verify Signature If There Are Too Many Signers And Operators

Lines of code Vulnerability details It was observed that there is a nested for loop within the AxelarAuthWeighted.validateSignatures function. If there are a large number of signatures and operators, it will result in an "Out of Gas" error or a "Block Gas Limit" error and the command's signature...

OPENSUSE-SU-2021:1588-1 Security update for seamonkey

This update for seamonkey fixes the following issues: update to SeaMonkey 2.53.10.1 Security fix for NSS code bug 1737470. Only use networks and servers in lower case in ChatZilla bug 1742502. Change classic form icon in SeaMonkey composer bug 1710915. Addition fixes for SeaMonkey 32x32 default...

istockphoto.com Cross Site Scripting vulnerability OBB-1244419

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

tarfandestan.com Open Redirect vulnerability

Open Bug Bounty ID: OBB-1167470 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

aftabir.com Open Redirect vulnerability

Open Bug Bounty ID: OBB-1167471 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

mediamonitor.pt Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1159700 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

hracademy.nl Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1128512 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

markcornerrealestate.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-998558 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...