123 matches found
CVE-2025-0518 Unchecked sscanf return value which leads to memory data leak
Unchecked Return Value, Out-of-bounds Read vulnerability in FFmpeg allows Read Sensitive Constants Within an Executable. This vulnerability is associated with program files https://github.Com/FFmpeg/FFmpeg/blob/master/libavfilter/afpan.C . This issue affects FFmpeg: 7.1. Issue was fixed: ...
CVE-2024-57901
Mode C: Normal details found. CVE-2024-57901 affects the Linux kernel af_packet code. The bug was in vlan_get_protocol_dgram() interacting with MSG_PEEK, where the previous fix path touched skb data and could crash. The issue was addressed by reworking vlan_get_protocol_dgram() to avoid touching ...
CVE-2024-53192
In the Linux kernel, the following vulnerability has been resolved: clk: clk-loongson2: Fix potential buffer overflow in flexible-array member access Flexible-array member hws in struct clkhwonecelldata is annotated with the countedby attribute. This means that when memory is allocated for this...
curl: bypass of this Fixed #2437131 [ Inadequate Protocol Restriction Enforcement in curl ]
Summary: A flaw has been identified in the curl command-line tool related to its protocol selection mechanism. Specifically, the protocol restrictions set by the --proto option can be bypassed, allowing unintended protocols to be used despite explicit restrictions. This flaw can result in plainte...
CVE-2024-54527
This issue was addressed with improved checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2, tvOS 18.2, watchOS 11.2. An app may be able to access sensitive user data...
GHSA-5R2G-59PX-3Q9W Stored XSS using two files in usememos/memos
A stored cross-site scripting XSS vulnerability was discovered in usememos/memos version 0.9.1. This vulnerability allows an attacker to upload a JavaScript file containing a malicious script and reference it in an HTML file. When the HTML file is accessed, the malicious script is executed. This...
CVE-2024-44251
This issue was addressed through improved state management. This issue is fixed in iOS 18.1 and iPadOS 18.1. An attacker may be able to view restricted content from the lock screen...
CVE-2024-49376 Autolab Has Misconfigured Reset Password Permissions
Autolab, a course management service that enables auto-graded programming assignments, has misconfigured reset password permissions in version 3.0.0. For email-based accounts, users with insufficient privileges could reset and theoretically access privileged users' accounts by resetting their...
CVE-2024-7099
netease-youdao/qanything version 1.4.1 contains a vulnerability where unsafe data obtained from user input is concatenated in SQL queries, leading to SQL injection. The affected functions include getknowledgebasename, fromstatustostatus, deletefiles, and getfilebystatus. An attacker can exploit...
CVE-2023-45196 Adminer and AdminerEvo denial of service via HTTP redirect
Adminer and AdminerEvo allow an unauthenticated remote attacker to cause a denial of service by connecting to an attacker-controlled service that responds with HTTP redirects. The denial of service is subject to PHP configuration limits. Adminer is no longer supported, but this issue was fixed in...
CVE-2024-27814
This issue was addressed through improved state management. This issue is fixed in watchOS 10.5. A person with physical access to a device may be able to view contact information from the lock screen...
CVE-2024-27814
This issue was addressed through improved state management. This issue is fixed in watchOS 10.5. A person with physical access to a device may be able to view contact information from the lock screen...
GHSA-CRR3-H4M8-7F56 silverstripe/framework vulnerable to member disclosure in login form
There is a user ID enumeration vulnerability in our brute force error messages. - Users that don't exist in will never get a locked out message - Users that do exist, will get a locked out message This means an attacker can infer or confirm user details that exist in the member table. This issue...
CVE-2024-35933
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btintel: Fix null ptr deref in btintelreadversion If hcicmdsynccomplete is triggered and skb is NULL, then hdev-reqskb is NULL, which will cause this issue...
CVE-2024-23228
Apple iOS 17.3 and iPadOS 17.3 fix a vulnerability in the Notes component where Locked Notes content may have been unexpectedly unlocked due to state-management issues. Affected products are iPhone and iPad models supporting iOS/iPadOS 17.3. Root cause: improved state management within Notes. Imp...
CVE-2023-42913
This issue was addressed through improved state management. This issue is fixed in macOS Sonoma 14.2. Remote Login sessions may be able to obtain full disk access permissions...
CVE-2024-27092 Content spoofing - real Hoppscotch emails
Hoppscotch is an API development ecosystem. Due to lack of validation for fields like Label Edit Team - TeamName, bad actors can send emails with Spoofed Content as Hoppscotch. Part of payload external link is presented in clickable form - easier to achieve own goals by malicious actors. This iss...
Information disclosure
An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14, iOS 17 and iPadOS 17. An app with root privileges may be able to access private information...
CVE-2023-42929
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. An app may be able to access protected user data...
Deserialization of untrusted data
vmm-sys-util is a collection of modules that provides helpers and utilities used by multiple rust-vmm components. Starting in version 0.5.0 and prior to version 0.12.0, an issue in the FamStructWrapper::deserialize implementation provided by the crate for vmmsysutil::fam::FamStructWrapper can lea...