108 matches found
SUSE CVE-2025-2309
A vulnerability has been found in HDF5 1.14.6 and classified as critical. This vulnerability affects the function H5T__bit_copy of the component Type Conversion Logic. The manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclos...
AZL-58813 CVE-2025-2309 affecting package hdf5 1.14.6-1
A vulnerability has been found in HDF5 1.14.6 and classified as critical. This vulnerability affects the function H5T__bit_copy of the component Type Conversion Logic. The manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclos...
grub2: net: Out-of-bounds write in grub_net_search_config_file()
A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user-controlled environment variable into an internal buffer using the grub_strcpy() function. During this step, it fails to consider the environment variable length...
OpenPanel Security Vulnerability
OpenPanel is a web hosting panel from OpenPanel, Inc. A security vulnerability exists in OpenPanel version v0.3.4, which is caused by a directory traversal vulnerability in the Copy and View functions of the File Manager component...
CVE-2024-57895
In the Linux kernel, the following vulnerability has been resolved: ksmbd: set ATTR_CTIME flags when setting mtime David reported that the new warning from setattr_copy_mgtime is coming like the following. 113.215316 ------------ cut here ------------ 113.215974 WARNING: CPU: 1 PID: 31 at...
kernel: net: core: reject skb_copy(_expand) for fraglist GSO skbs
In the Linux kernel, the following vulnerability has been resolved: net: core: reject skb_copy(_expand) for fraglist GSO skbs SKB_GSO_FRAGLIST skbs must not be linearized, otherwise they become invalid. Return NULL if such an skb is passed to skb_copy or skb_copy_expand, in order to prevent a crash on a...
PT-2024-29403 · Hicolor · Hicolor
Name of the Vulnerable Software and Affected Versions: hicolor version 0.5.0 Description: A stack overflow in the cp_dynamic function, located in /vendor/cute_png.h, allows attackers to cause a Denial of Service (DoS) via a crafted PNG file. Recommendations: For hicolor version 0.5.0, consider...
A prototype pollution vulnerability exists in the function copy in dom.js in the xmldom (published as @xmldom/xmldom) package before 0.8.3 for Node.js via the p variable. NOTE: the vendor states "we are in the process of marking this report as invalid"; however some third parties take the position that "A prototype injection/Prototype pollution is not just when global objects are polluted with recursive merge or deep cloning but also when a target object is polluted."
...
DEBIAN-CVE-2024-36915
In the Linux kernel, the following vulnerability has been resolved: nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies syzbot reported unsafe calls to copy_from_sockptr() [1] Use copy_safe_from_sockptr() instead. [1] BUG: KASAN: slab-out-of-bounds in copy_from_sockptr_offset include/linux/sockptr.h:49 [inline] BUG:...
HDF Group HDF5 Security Vulnerability
HDF Group HDF5 is a suite of tools for managing and storing different types of data from the American company HDF Group. The product supports managing, manipulating, viewing and analyzing data and generating files in portable formats. A security vulnerability exists in HDF5 Library version 1.14.3...
A-PDF All To MP3 Converter 2.0.0 Overflow
!/usr/bin/python Exploit Title: A-PDF All to MP3 Converter 2.0.0 - DEP Bypass with HeapCreate + HeapAlloc + somememorycopyfunction ROP chain Date: 16 November 2023 Exploit Author: George Washington Vendor Homepage: http://www.a-pdf.com/all-to-mp3/download.htm Software Link:...
A-PDF All to MP3 Converter 2.0.0 - DEP Bypass via HeapCreate + HeapAlloc
!/usr/bin/python Exploit Title: A-PDF All to MP3 Converter 2.0.0 - DEP Bypass with HeapCreate + HeapAlloc + somememorycopyfunction ROP chain Date: 16 November 2023 Exploit Author: George Washington Vendor Homepage: http://www.a-pdf.com/all-to-mp3/download.htm Software Link:...
UBUNTU-CVE-2024-27088
es5-ext contains ECMAScript 5 extensions. Passing functions with very long names or complex default argument names into `function#copy` or `function#toStringTokens` may cause the script to stall. The vulnerability is patched in v0.10.63...
CVE-2024-27088 es5-ext Regular Expression Denial of Service in `function#copy` and `function#toStringTokens`
es5-ext contains ECMAScript 5 extensions. Passing functions with very long names or complex default argument names into `function#copy` or `function#toStringTokens` may cause the script to stall. The vulnerability is patched in v0.10.63...
PT-2024-6044 · Es5-Ext +2 · Es5-Ext +2
Name of the Vulnerable Software and Affected Versions: es5-ext versions prior to 0.10.63 Description: The issue is related to the es5-ext package, which contains ECMAScript 5 extensions. Passing functions with very long names or complex default argument names into `function#copy` or...
PT-2023-35625 · Hdf5 · Hdf5
Name of the Vulnerable Software and Affected Versions: HDF5 affected versions not specified Description: A heap buffer overflow read issue has been identified, which can cause a crash. The crash occurs in the H5T bit copy, H5T bit get d, and H5T conv f f functions. Recommendations: At the moment,...
OESA-2023-1544 yasm security update
Yasm is a complete rewrite of the NASM assembler under the “new” BSD License. Security Fixes: yasm v1.3.0 was discovered to contain a memory leak via the function yasm_intnum_copy at /libyasm/intnum.c. (CVE-2023-31975)...
libtiff: out-of-bounds write in _TIFFmemcpy() in libtiff/tif_unix.c when called by functions in tools/tiffcrop.c
A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds write in the _TIFFmemcpy function in libtiff/tif_unix.c when called by functions in tools/tiffcrop.c, resulting in a Denial of Service and limited data modification...
PT-2023-9348 · Yasm +3 · Yasm +3
Name of the Vulnerable Software and Affected Versions: yasm version 1.3.0 Description: The issue is related to a memory leak in the yasm_intnum_copy function of the YASM assembler. This memory leak occurs because memory is not released after its effective lifetime. Exploitation of this...
Regular Expression Denial of Service (ReDoS)
Overview: angular is a package that lets you write client-side web applications as if you had a smarter browser. It also lets you use HTML as your template language and lets you extend HTML’s syntax to express your application’s components clearly and succinctly. Affected versions of this package...