120 matches found
Out-of-bounds
LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:624, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa...
GSD-2022-1001461 media: atomisp: fix dummy_ptr check to avoid duplicate active_bo
media: atomisp: fix dummy_ptr check to avoid duplicate active_bo This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.19 by commit...
AZL-8967 CVE-2022-0865 affecting package libtiff for versions less than 4.3.0-2
Reachable Assertion in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 5e180045...
PT-2022-7621 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to the fix in commit 5f394102ee27dbf05la4e283390cd8d1759dacea Description: The vulnerability is related to a null pointer dereference in the com20020pci probe function during driver initialization. The issue arises...
Null source pointer passed as an argument to memcpy() function within TIFFReadDirectory() in tif_dirread.c in libtiff versions from 4.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources a fix is available with commit 561599c.
...
UVI-2021-1002047 powerpc/idle: Don't corrupt back chain when going idle
powerpc/idle: Don't corrupt back chain when going idle This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.76 by commit...
UVI-2021-1001973 comedi: vmk80xx: fix bulk-buffer overflow
comedi: vmk80xx: fix bulk-buffer overflow This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.255 by commit...
GHSA-M539-J985-HCR8 Crash in `max_pool3d` when size argument is 0 or negative
Impact: The Keras pooling layers can trigger a segfault if the size of the pool is 0 or if a dimension is negative:

```python
import tensorflow as tf

pool_size = [2, 2, 0]
layer = tf.keras.layers.MaxPooling3D(strides=1, pool_size=pool_size)
input_tensor = tf.random.uniform([3, 4, 10, 11, 12], dtype=tf.float32)
r...
```
Code injection
Mycodo is an environmental monitoring and regulation system. An exploit in versions prior to 8.12.7 allows anyone with access to endpoints to download files outside the intended directory. A patch has been applied and a release made. Users should upgrade to version 8.12.7. As a workaround, users...
CVE-2021-41185
CVE-2021-41185 affects Mycodo (environmental monitoring system) with a path traversal vulnerability in versions prior to 8.12.7. The issue arises from insufficient filtering of file paths, allowing a user with access to endpoints to download files outside the intended directory. A fix was released in 8...
in fisharebest/webtrees
Description In fix commit https://github.com/fisharebest/webtrees/commit/fc904122e0c1b55f274bc4c8cd883c266176e34e, the fix was to set CSP to script-src in HTML files to none. Webtrees by default has X-Frame-Options headers to prevent clickjacking, but since X-Frame-Options: SAMEORIGIN, it is...
Password stored in plain text
Overview parse-server is an open source backend that can be deployed to any infrastructure that can run Node.js. In Parse Server before version 4.5.0, user passwords involved in LDAP authentication are stored in cleartext. This is fixed in version 4.5.0 by stripping password after authentication ...
CVE-2019-1010069
moinejf abcm2ps 8.13.20 is affected by: Incorrect Access Control. The impact is: Allows attackers to cause a denial of service attack via a crafted file. The component is: front.c, function txtadd. The fixed version is: after commit 08aef597656d065e86075f3d53fda89765845eae...
DEBIAN-CVE-2018-1000222
Libgd version 2.2.5 contains a double free vulnerability in the gdImageBmpPtr function that can result in remote code execution. This attack appears to be exploitable via a specially crafted JPEG image that can trigger a double free. This vulnerability appears to have been fixed after commit...
CVE-2018-1000199
The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in a crash and possibly memory corruption. This attack appears to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears to have been fixed in...
CVE-2015-8985
The pop_fail_stack function in the GNU C Library (aka glibc or libc6) allows context-dependent attackers to cause a denial of service (assertion failure and application crash) via vectors related to extended regular expression processing...
Internet Bug Bounty: Create an Unexpected Object and Don't Invoke __wakeup() in Deserialization
The bug report at: https://bugs.php.net/bug.php?id=73367 The fix commit at: https://github.com/php/php-src/commit/0426b916df396a23e5c34514e4f2f0627efdcdf0...
Internet Bug Bounty: NULL Pointer Dereference in WDDX Packet Deserialization with PDORow
bug report at: https://bugs.php.net/bug.php?id=73331 fix commit at: https://github.com/php/php-src/commit/6045de69c7dedcba3eadf7c4bba424b19c81d00d...
Internet Bug Bounty: Use-after-free in unserialize()
The bug report at: https://bugs.php.net/bug.php?id=73147 The fix commit at: https://github.com/php/php-src/commit/0e6fe3a4c96be2d3e88389a5776f878021b4c59f...
Internet Bug Bounty: Memory Corruption in During Deserialized-object Destruction
The bug report at: https://bugs.php.net/bug.php?id=73052 The fix commit at: https://github.com/php/php-src/commit/6a7cc8ff85827fa9ac715b3a83c2d9147f33cd43...