17 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mptcp: Ensure that the tx-skbs always have the MPTCP extensions. Due to signed/unsigned comparison, the expression: info-sizegoal - skb-len 0 evaluates to true when the size goal is smaller than the skb size. This results in a la...
SUSE CVE-2026-33997
Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows plugins privilege validation to be bypassed during docker plugin install. Due to an error in the daemon's privilege comparison logic, the daemon may incorrectly accept a...
UBUNTU-CVE-2026-33997
Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows plugins privilege validation to be bypassed during docker plugin install. Due to an error in the daemon's privilege comparison logic, the daemon may incorrectly accept a...
CVE-2025-63656
An out-of-bounds read in the headercmp function mkserver/mkhttpparser.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted HTTP request to the server...
EUVD-2018-6011
Malware in sbrugna...
UBUNTU-CVE-2023-4720
Floating Point Comparison with Incorrect Operator in GitHub repository gpac/gpac prior to 2.3-DEV...
CVE-2023-4720 Floating Point Comparison with Incorrect Operator in gpac/gpac
Floating Point Comparison with Incorrect Operator in GitHub repository gpac/gpac prior to 2.3-DEV...
LlamaRelativeQuorum isActionApproved / isActionDisapproved check condition error
Lines of code Vulnerability details Impact LlamaRelativeQuorum isActionApproved / isActionDisapproved check condition error: quantity holders. The two cannot be compared. In general quantity holder, so the approver was lower than expected. Proof of Concept diff --git...
SUSE CVE-2019-7309
In the GNU C Library aka glibc or libc6 through 2.29, the memcmp function for the x32 architecture can incorrectly return zero indicating that the inputs are equal because the RDX most significant bit is mishandled...
DNSSECImpl.verifySignature compares strings incorrectly, allowing malicious zones to forge DNSSEC trust chain
Lines of code Vulnerability details Impact DNSSEC allows parent zones to sign for its child zones. To check validity of a signature, RFC4034 3.1.7 requires the Signer's Name in any RRSIG RDATA to contain the zone of covered RRset. This requirement is reasonable since any child zone should be...
Insecure Password Matching
bouncycastle is vulnerable to incorrect password matching. An attacker is able to pass an incorrect password and gets it accepted as a correct one due to a comparison error in the function OpenBSDBCrypt.checkPassword...
Security update for axel (moderate)
openSUSE Security Update: Security update for axel Announcement ID: openSUSE-SU-2020:0778-1 Rating: moderate References: 1172159 Cross-References: CVE-2020-13614 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for axel fixes...
UBUNTU-CVE-2019-9893
libseccomp before 2.4.0 did not correctly generate 64-bit syscall argument comparisons using the arithmetic operators LT, GT, LE, GE, which might able to lead to bypassing seccomp filters and potential privilege escalations...
Comparison errorr in org.apache.tika:tika-core
In Apache Tika 1.2 to 1.18, a carefully crafted file can trigger an infinite loop in the IptcAnpaParser...
GHSA-J53J-GMR9-H8G3 Comparison errorr in org.apache.tika:tika-core
In Apache Tika 1.2 to 1.18, a carefully crafted file can trigger an infinite loop in the IptcAnpaParser...
CVE-2014-7283
The xfsda3fixhashpath function in fs/xfs/xfsdabtree.c in the xfs implementation in the Linux kernel before 3.14.2 does not properly compare btree hash values, which allows local users to cause a denial of service filesystem corruption, and OOPS or panic via operations on directories that have has...
FFmpeg Multiple Vulnerabilities - Linux
FFmpeg is prone to multiple vulnerabilities SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...