772 matches found
Important: redis:5 security update
Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...
[SECURITY] Fedora 34 Update: redis-6.2.6-1.fc34
Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...
Out-of-bounds Write in OpenCV
An exploitable heap buffer overflow vulnerability exists in the data structure persistence functionality of OpenCV, version 4.1.0 corresponds with OpenCV-Python version 4.1.2.30. A specially crafted JSON file can cause a buffer overflow, resulting in multiple heap corruptions and potentially code...
GHSA-M6VM-8G8V-XFJH Out-of-bounds Write in OpenCV
An exploitable heap buffer overflow vulnerability exists in the data structure persistence functionality of OpenCV 4.1.0 corresponds with OpenCV-Python 4.1.0.25. A specially crafted XML file can cause a buffer overflow, resulting in multiple heap corruptions and potential code execution. An...
The vulnerability in the `net/can/bcm.c` component of the Linux operating system allows a hacker to read a portion of the kernel’s memory.
The vulnerability in the net/can/bcm.c component of the Linux operating system exists due to the lack of initialization for a certain data structure. Exploiting this vulnerability could allow an attacker to read part of the kernel’s memory...
GHSA-8Q64-WRFR-Q48C Data races in model
Shared data structure in model crate implements Send and Sync traits regardless of the inner type. This allows safe Rust code to trigger a data race, which is undefined behavior in Rust. Users are advised to treat Shared as an unsafe type. It should not be used outside of the testing context, and...
Data races in appendix
The appendix crate implements a key-value mapping data structure called Index that is stored on disk. The crate allows for any type to inhabit the generic K and V type parameters and implements Send and Sync for them unconditionally. Using a type that is not marked as Send or Sync with Index can...
Data races in model
Shared data structure in model crate implements Send and Sync traits regardless of the inner type. This allows safe Rust code to trigger a data race, which is undefined behavior in Rust. Users are advised to treat Shared as an unsafe type. It should not be used outside of the testing context, and...
Apple macOS CoreText TTF Parsing Out-of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the CoreText library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...
Apple macOS AppKit PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the AppKit library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...
CVE-2020-36460
An issue was discovered in the model crate through 2020-11-10 for Rust. The Shared data structure has an implementation of the Send and Sync traits without regard for the inner type...
Design/Logic Flaw
An issue was discovered in the model crate through 2020-11-10 for Rust. The Shared data structure has an implementation of the Send and Sync traits without regard for the inner type...
CVE-2020-36460
An issue was discovered in the model crate through 2020-11-10 for Rust. The Shared data structure has an implementation of the Send and Sync traits without regard for the inner type...
CVE-2020-36460
CVE-2020-36460 affects the Rust model crate: the Shared data structure implements Send and Sync regardless of the inner type, potentially enabling data races in safe Rust. Covered in multiple sources (NVD/RUSTSEC/RH Red Hat) with references to a contention issue; no explicit patch/version remedia...
Apple macOS ModelIO ABC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the ModelIO library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...
Apple macOS ModelIO USD File Parsing Out-Of-Bounds Write Remote Code Execute Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the ModelIO library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the ModelIO...
Privilege Escalation
webkit2gtk is vulnerable to privilege escalation. The vulnerability exists due to the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure...
(0Day) Apple macOS ImageIO WEBP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the ImageIO library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...
(0Day) Apple macOS AudioToolboxCore LOAS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
OPENSUSE-SU-2021:2305-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3573: Fixed an UAF vulnerability in function that can allow attackers to corrupt kernel heaps and adopt further exploitations. bsc1186666 -...