933 matches found
AZL-54446 CVE-2024-45338 affecting package docker-compose for versions less than 2.27.0-3
An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service...
CVE-2024-36623 affecting package moby-compose for versions less than 2.17.3-8
CVE-2024-36623 affecting package moby-compose for versions less than 2.17.3-8. A patched version of the package is available...
AZL-54286 CVE-2024-45337 affecting package moby-compose for versions less than 2.17.3-9
Applications and libraries which misuse connection.serverAuthenticate via callback field ServerConfig.PublicKeyCallback may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that the key offered is...
AZL-54381 CVE-2024-45337 affecting package docker-compose for versions less than 2.27.0-2
Applications and libraries which misuse connection.serverAuthenticate via callback field ServerConfig.PublicKeyCallback may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that the key offered is...
AZL-53804 CVE-2024-36623 affecting package moby-compose for versions less than 2.17.3-8
moby through v25.0.3 has a Race Condition vulnerability in the streamformatter package which can be used to trigger multiple concurrent write operations resulting in data corruption or application crashes...
Exploit for Injection in Oracle Agile_Plm
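Research on the log4j2 CVE-2021-44228 vulnerability. Lab platform - VirtualBox 7.0.12 r159484 Qt5.15.2 - Attacker kali - Network Address Translation (NAT) - host-only network 192.168.56.101 - Victim kali 2023.3 - Network Address Translation (NAT) - host-only network 192.168.56.112 Lab tasks - [x] Set up the lab platform - [x] Verify that the vulnerability exists, using log4j2 CVE-2021-44228 as the example - [x] Verify that the vulnerability is exploitable, using log4j2 CVE-2021-44228 as the example...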
Exploit for Deserialization of Untrusted Data in Apache Activemq
CVE-2023-46604
SUSE CVE-2022-48945
In the Linux kernel, the following vulnerability has been resolved: media: vivid: fix compose size exceed boundary. syzkaller found a bug: BUG: unable to handle page fault for address: ffffc9000a3b1000 PF: supervisor write access in kernel mode PF: error_code(0x0002) - not-present page PGD 100000067...
CVE-2022-48945
In the Linux kernel, the following vulnerability has been resolved: media: vivid: fix compose size exceed boundary. syzkaller found a bug: BUG: unable to handle page fault for address: ffffc9000a3b1000 PF: supervisor write access in kernel mode PF: error_code(0x0002) - not-present page PGD 100000067...
DEBIAN-CVE-2022-48945
In the Linux kernel, the following vulnerability has been resolved: media: vivid: fix compose size exceed boundary. syzkaller found a bug: BUG: unable to handle page fault for address: ffffc9000a3b1000 PF: supervisor write access in kernel mode PF: error_code(0x0002) - not-present page PGD 100000067...
CVE-2022-48945
In the Linux kernel, the following vulnerability has been resolved: media: vivid: fix compose size exceed boundary. syzkaller found a bug: BUG: unable to handle page fault for address: ffffc9000a3b1000 PF: supervisor write access in kernel mode PF: error_code(0x0002) - not-present page PGD 100000067...
CVE-2022-48945
CVE-2022-48945 is associated with a Linux kernel vulnerability in the media/vivid driver where the compose height adjustment could cause a boundary overrun in V4L2_SEL_TGT_CROP handling. The root cause is a missing boundary check after adjusting compose->height, which could lead to memory access ...
CVE-2022-48945
In the Linux kernel, the following vulnerability has been resolved: media: vivid: fix compose size exceed boundary. syzkaller found a bug: BUG: unable to handle page fault for address: ffffc9000a3b1000 PF: supervisor write access in kernel mode PF: error_code(0x0002) - not-present page PGD 100000067...
CVE-2022-48945 media: vivid: fix compose size exceed boundary
In the Linux kernel, the following vulnerability has been resolved: media: vivid: fix compose size exceed boundary. syzkaller found a bug: BUG: unable to handle page fault for address: ffffc9000a3b1000 PF: supervisor write access in kernel mode PF: error_code(0x0002) - not-present page PGD 100000067...
CVE-2023-45142 affecting package moby-compose for versions less than 2.17.3-7
CVE-2023-45142 affecting package moby-compose for versions less than 2.17.3-7. A patched version of the package is available...
CVE-2024-45313 Insecure default setting for Server Pro installed via Overleaf toolkit
Overleaf is a web-based collaborative LaTeX editor. When installing Server Pro using the Overleaf Toolkit from before 2024-07-17 or legacy docker-compose.yml from before 2024-08-28, the configuration for LaTeX compiles was insecure by default, requiring the administrator to enable the security...
CVE-2024-45313 Insecure default setting for Server Pro installed via Overleaf toolkit
Overleaf is a web-based collaborative LaTeX editor. When installing Server Pro using the Overleaf Toolkit from before 2024-07-17 or legacy docker-compose.yml from before 2024-08-28, the configuration for LaTeX compiles was insecure by default, requiring the administrator to enable the security...
CVE-2024-45313
Summary: CVE-2024-45313 affects Overleaf Server Pro when installed via the Overleaf Toolkit or legacy docker-compose deployments prior to mid-2024. By default, LaTeX compiles could access the sharelatex container resources (filesystem, network, environment variables) if security features were not...
EulerOS 2.0 SP12 : docker-engine (EulerOS-SA-2024-2209)
According to the versions of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container...
Important: docker
Issue Overview: The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set...