The vulnerability of the stb_image.h component in the C/C++ Libstb library allows a hacker to cause a service failure.

The vulnerability of the stbimage.h component in the C/C++ Libstb library relates to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability could allow a malicious actor to cause service failure by using a specially created HDR file...

The vulnerability of the ACEManager component in the microprogramming software ALEOS for Sierra Wireless’ routers allows a attacker to trigger a Denial-of-Service Attack (DoS).

The vulnerability of the ACEManager component in the ALEOS router software from Sierra Wireless relates to the execution of a loop with an unavailable exit condition. Exploiting this vulnerability could allow a malicious actor to trigger a Denial-of-Service attack remotely...

CVE-2023-34194

StringEqual in TiXmlDeclaration::Parse in tinyxmlparser.cpp in TinyXML through 2.6.2 has a reachable assertion and application exit via a crafted XML document with a '\0' located after whitespace...

UBUNTU-CVE-2023-34194

StringEqual in TiXmlDeclaration::Parse in tinyxmlparser.cpp in TinyXML through 2.6.2 has a reachable assertion and application exit via a crafted XML document with a '\0' located after whitespace...

CVE-2023-34194

StringEqual in TiXmlDeclaration::Parse in tinyxmlparser.cpp in TinyXML through 2.6.2 has a reachable assertion and application exit via a crafted XML document with a '\0' located after whitespace...

CVE-2023-34194

StringEqual in TiXmlDeclaration::Parse in tinyxmlparser.cpp in TinyXML through 2.6.2 has a reachable assertion and application exit via a crafted XML document with a '\0' located after whitespace...

CVE-2023-34194

StringEqual in TiXmlDeclaration::Parse in tinyxmlparser.cpp in TinyXML through 2.6.2 has a reachable assertion and application exit via a crafted XML document with a '\0' located after whitespace...

CVE-2023-40458

Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in Sierra Wireless, Inc ALEOS could potentially allow a remote attacker to trigger a Denial of Service DoS condition for ACEManager without impairing other router functions. This condition is cleared by restarting the device...

CVE-2023-40458

Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in Sierra Wireless, Inc ALEOS could potentially allow a remote attacker to trigger a Denial of Service DoS condition for ACEManager without impairing other router functions. This condition is cleared by restarting the device...

Mozilla: Clickjacking permission prompts using the fullscreen transition

The Mozilla Foundation Security Advisory describes this flaw as: The black fade animation when exiting fullscreen is roughly the length of the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant butto...

Mozilla: Clickjacking permission prompts using the fullscreen transition

The Mozilla Foundation Security Advisory describes this flaw as: The black fade animation when exiting fullscreen is roughly the length of the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant butto...

kernel: Race between task migrating pages and another task calling exit_mmap to release those same pages getting invalid opcode BUG in include/linux/swapops.h

A flaw was found in pfnswapentrytopage in memory management subsystem in the Linux Kernel. In this flaw, an attacker with a local user privilege may cause a denial of service problem due to a BUG statement referencing pmdt x...

Mozilla: Clickjacking permission prompts using the fullscreen transition

The Mozilla Foundation Security Advisory describes this flaw as: The black fade animation when exiting fullscreen is roughly the length of the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant butto...

Mozilla: Clickjacking permission prompts using the fullscreen transition

The Mozilla Foundation Security Advisory describes this flaw as: The black fade animation when exiting fullscreen is roughly the length of the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant butto...

Mozilla: Clickjacking permission prompts using the fullscreen transition

The Mozilla Foundation Security Advisory describes this flaw as: The black fade animation when exiting fullscreen is roughly the length of the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant butto...

kernel: media: dvb-usb: fix memory leak in dvb_usb_adapter_init()

In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: fix memory leak in dvbusbadapterinit Syzbot reports a memory leak in "dvbusbadapterinit". The leak is due to not accounting for and freeing current iteration's adapter-priv in case of an error. Currently if an err...

kernel: Linux kernel: Memory leak in mt76 Wi-Fi driver leads to Denial of Service

A flaw was found in the Linux kernel's mt76 Wi-Fi driver. A memory leak occurs when the mt7996mcuexit routine fails to properly clear memory queues if the mt7996firmwarestate encounters an issue. This vulnerability could allow a local attacker with low privileges to cause a Denial of Service DoS ...

kernel: Race between task migrating pages and another task calling exit_mmap to release those same pages getting invalid opcode BUG in include/linux/swapops.h

A flaw was found in pfnswapentrytopage in memory management subsystem in the Linux Kernel. In this flaw, an attacker with a local user privilege may cause a denial of service problem due to a BUG statement referencing pmdt x...

kernel: Race between task migrating pages and another task calling exit_mmap to release those same pages getting invalid opcode BUG in include/linux/swapops.h

A flaw was found in pfnswapentrytopage in memory management subsystem in the Linux Kernel. In this flaw, an attacker with a local user privilege may cause a denial of service problem due to a BUG statement referencing pmdt x...

The vulnerability of the `read_formatted_entries` function in the `dwarf2.c` component of the GNU Binutils development environment allows a hacker to induce a service failure.

The vulnerability of the readformattedentries function in the dwarf2.c component of the GNU Binutils development environment is related to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability allows an attacker to trigger a service failure using a specially...