18 matches found
Astra Linux – Vulnerability in nbdkit
There is a flaw in the “blocksize” filter of nbdkit that can be triggered by a specific type of client request. When a client requests block status information for a very large data range, exceeding a certain limit, it causes an internal error in nbdkit, resulting in a denial of service...
Astra Linux – Vulnerability in nbdkit
There is a flaw in the nbdkit server when handling responses from its plugins regarding the status of data blocks. If a client makes a specific request for a very large data range, and a plugin responds with an even larger single block, the nbdkit server can encounter a critical internal error,...
Linux Distros Unpatched Vulnerability : CVE-2025-47711
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There's a flaw in the nbdkit server when handling responses from its plugins regarding the status of data blocks. If a client makes a specific request for a ver...
OESA-2025-1780 nbdkit security update
NBD Network Block Device is a protocol for accessing Block Devices hard disks and disk-like things over a Network. nbdkit is a toolkit for creating NBD servers. The key features are: Multithreaded NBD server written in C with good performance. Minimal dependencies for the basic server. Liberal...
OESA-2025-1779 nbdkit security update
NBD Network Block Device is a protocol for accessing Block Devices hard disks and disk-like things over a Network. nbdkit is a toolkit for creating NBD servers. The key features are: Multithreaded NBD server written in C with good performance. Minimal dependencies for the basic server. Liberal...
OESA-2025-1777 nbdkit security update
NBD Network Block Device is a protocol for accessing Block Devices hard disks and disk-like things over a Network. nbdkit is a toolkit for creating NBD servers. The key features are: Multithreaded NBD server written in C with good performance. Minimal dependencies for the basic server. Liberal...
AZL-63878 CVE-2025-47711 affecting package nbdkit for versions less than 1.35.3-4
There's a flaw in the nbdkit server when handling responses from its plugins regarding the status of data blocks. If a client makes a specific request for a very large data range, and a plugin responds with an even larger single block, the nbdkit server can encounter a critical internal error,...
AZL-63801 CVE-2025-47711 affecting package nbdkit for versions less than 1.35.3-7
There's a flaw in the nbdkit server when handling responses from its plugins regarding the status of data blocks. If a client makes a specific request for a very large data range, and a plugin responds with an even larger single block, the nbdkit server can encounter a critical internal error,...
DEBIAN-CVE-2025-47711
There's a flaw in the nbdkit server when handling responses from its plugins regarding the status of data blocks. If a client makes a specific request for a very large data range, and a plugin responds with an even larger single block, the nbdkit server can encounter a critical internal error,...
AZL-63875 CVE-2025-47712 affecting package nbdkit for versions less than 1.35.3-4
A flaw exists in the nbdkit "blocksize" filter that can be triggered by a specific type of client request. When a client requests block status information for a very large data range, exceeding a certain limit, it causes an internal error in the nbdkit, leading to a denial of service...
UBUNTU-CVE-2025-47711
There's a flaw in the nbdkit server when handling responses from its plugins regarding the status of data blocks. If a client makes a specific request for a very large data range, and a plugin responds with an even larger single block, the nbdkit server can encounter a critical internal error,...
SUSE CVE-2025-47711
There's a flaw in the nbdkit server when handling responses from its plugins regarding the status of data blocks. If a client makes a specific request for a very large data range, and a plugin responds with an even larger single block, the nbdkit server can encounter a critical internal error,...
The vulnerability of the DCERPC protocol implementation in the software for managing virtual infrastructure VMware vCenter Server allows a perpetrator to execute arbitrary code.
The vulnerability of the DCERPC protocol implementation in the software for managing virtual infrastructure, VMware vCenter Server, is related to the possibility of writing data outside of the allowed range. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
CVE-2020-9439
Multiple cross-site scripting XSS vulnerabilities in Uncanny Owl Tin Canny LearnDash Reporting before 3.4.4 allows authenticated remote attackers to inject arbitrary web script or HTML via the searchkey GET Parameter in TinCanContentListTable.php, message GET Parameter in licensing.php,...
CVE-2020-9439
Multiple cross-site scripting XSS vulnerabilities in Uncanny Owl Tin Canny LearnDash Reporting before 3.4.4 allows authenticated remote attackers to inject arbitrary web script or HTML via the searchkey GET Parameter in TinCanContentListTable.php, message GET Parameter in licensing.php,...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Uncanny Owl Tin Canny LearnDash Reporting before 3.4.4 allows authenticated remote attackers to inject arbitrary web script or HTML via the searchkey GET Parameter in TinCanContentListTable.php, message GET Parameter in licensing.php,...
Denial Of Service (DoS)
libplist.so is susceptible to denial of service DoS attacks. The attacks exist due to the lack of checking for data range, leading to undefined behavior when attackers input a malicious plist file to the parsestringnode function...
Denial of Service Vulnerability in WPS office 2016 Personal Edition/Enterprise Edition and Kingsoft pdf
WPS Office is an office software suite independently developed by Kingsoft Corporation Limited, which can realize the most commonly used text, table, presentation and many other functions of office software. A denial-of-service vulnerability exists in WPS office 2016 Personal/Enterprise Edition a...