SUSE CVE-2022-49228

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a btf decltag bug when tagging a function syzbot reported a btf decltag bug with stack trace below: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 1 PREEMPT SMP KASAN KASAN:...

USN-7259-3 eglibc vulnerability

USN-7259-1 fixed a vulnerability in GNU C Library. This update provides the corresponding update for Ubuntu 14.04 LTS. Original advisory details: It was discovered that GNU C Library incorrectly handled memory when using the assert function. An attacker could possibly use this issue to cause a...

DEBIAN-CVE-2024-46832

In the Linux kernel, the following vulnerability has been resolved: MIPS: cevt-r4k: Don't call getc0compareint if timer irq is installed This avoids warning: 0.118053 BUG: sleeping function called from invalid context at kernel/locking/mutex.c:283 Caused by getc0compareint on secondary CPU. We al...

DEBIAN-CVE-2023-52694

In the Linux kernel, the following vulnerability has been resolved: drm/bridge: tpd12s015: Drop buggy exit annotation for remove function With tpd12s015remove marked with exit this function is discarded when the driver is compiled as a built-in. The result is that when the driver unbinds there is...

DEBIAN-CVE-2021-47096

In the Linux kernel, the following vulnerability has been resolved: ALSA: rawmidi - fix the uninitalized userpversion The userpversion was uninitialized for the user space file structure in the open function, because the file private structure use kmalloc for the allocation. The kernel ALSA...

AZL-35394 CVE-2023-49557 affecting package yasm 1.3.0-17

An issue in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the yasmsectionbcsfirst function in the libyasm/section.c component...

SUSE CVE-2017-15371

There is a reachable assertion abort in the function soxappendcomment in formats.c in Sound eXchange SoX 14.4.2. A Crafted input will lead to a denial of service attack during conversion of an audio file...

SUSE CVE-2018-19800

aubio v0.4.0 to v0.4.8 has a Buffer Overflow in newaubiotempo...

SUSE CVE-2019-14292

An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA!=6 case 1...

Stack overflow

TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the delnum parameter in the icpdeleteimg sub41DEDC function...

DEBIAN-CVE-2021-32490

A flaw was found in djvulibre-3.5.28 and earlier. An out of bounds write in function DJVU::filterbv via crafted djvu file may lead to application crash and other consequences...

TikTok: Blocked user can send notification by liking the message due to Logical Bug

A functional bug had the potential to permit a blocked user to send notifications by liking another user's message.We thank @sandipgyawali for reporting this to our team and confirming the resolution...

PT-2020-6421 · Cflow +2 · Cflow +2

Name of the Vulnerable Software and Affected Versions: cflow version 1.6 Description: The issue is related to a Use-after-Free vulnerability in the call function at src/parser.c, which could cause a denial of service via the pointer variable caller-callee. This vulnerability may allow an attacker...

DEBIAN-CVE-2020-4032

In FreeRDP before version 2.1.2, there is an integer casting vulnerability in updaterecvsecondaryorder. All clients with +glyph-cache /relax-order-checks are affected. This is fixed in version 2.1.2...

DEBIAN-CVE-2018-19800

aubio v0.4.0 to v0.4.8 has a Buffer Overflow in newaubiotempo...

CVE-2018-13221

The sell function of a smart contract implementation for Extreme Coin XT Contract Name: ExtremeToken, an Ethereum token, has an integer overflow in which "amount sellPrice" can be zero, consequently reducing a seller's assets...

DEBIAN-CVE-2017-12997

The LLDP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-lldp.c:lldpprivate8021print...

CVE-2017-13016

The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esisprint...

PT-2017-13080 · Tsk +1 · The Sleuth Kit +1

Name of the Vulnerable Software and Affected Versions: The Sleuth Kit TSK version 4.4.2 Description: The issue occurs when the fls command in The Sleuth Kit TSK hangs on a corrupt exfat image. This happens due to a problem in the tsk img read function located in tsk/img/img io.c within the...

UBUNTU-CVE-2017-9747

The ieeearchivep function in bfd/ieee.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, might allow remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted binary file, a...