11 matches found
DEBIAN-CVE-2025-9086
A cookie is set using the secure keyword for https://target 2. curl is redirected to or otherwise made to speak with http://target same hostname, but using clear text HTTP using the same cookie set 3. The same cookie name is set - but with just a slash as path path="/",. Since this site is not...
UBUNTU-CVE-2025-9086
A cookie is set using the secure keyword for https://target 2. curl is redirected to or otherwise made to speak with http://target same hostname, but using clear text HTTP using the same cookie set 3. The same cookie name is set - but with just a slash as path path="/",. Since this site is not...
TencentOS Server 4: wavpack (TSSA-2025:0145)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0145 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
SUSE CVE-2016-2177
OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service integer overflow and application crash or possibly have unspecified other impact by leveraging unexpected malloc behavior, related to s3srvr....
Google TensorFlow缓冲区错误漏洞
Google TensorFlow is an end-to-end open source machine learning platform. an information disclosure vulnerability exists in Google TensorFlow TensorFlow sparse reduction. An attacker could exploit this vulnerability to read data from outside the boundaries of the heap allocation data or cause a...
Google TensorFlow 缓冲区错误漏洞
Google TensorFlow is an end-to-end open source machine learning platform. A security vulnerability exists in Google TensorFlow "tf.rawops.UpperBound". An attacker could exploit this vulnerability to read data from outside the boundaries of the heap allocation data and use this information to laun...
Amazon Web Services FreeRTOS 缓冲区错误漏洞
Amazon FreeRTOS is an open source operating system for microcontrollers from Amazon.com, USA. A security vulnerability exists in Amazon Web Services FreeRTOS versions prior to 10.4.3 that stems from the kernel not having sufficient boundary checks during heap memory management...
SUSE: Security Advisory (SUSE-SU-2015:0668-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
UBUNTU-CVE-2016-2177
OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service integer overflow and application crash or possibly have unspecified other impact by leveraging unexpected malloc behavior, related to s3srvr....
SUSE SLED12 / SLES12 Security Update : libzip (SUSE-SU-2015:0668-1)
Libzip was updated to fix one security issue. A zip file with an unusually large number of entries could have caused an integer overflow leading to a write past the heap boundary, crashing the application. CVE-2015-2331 bnc923240 Note that Tenable Network Security has extracted the preceding...
openSUSE Security Update : libzip (openSUSE-2015-265)
Libzip was updated to fix one security issue. A zip file with an unusually large number of entries could have caused an integer overflow leading to a write past the heap boundary, crashing the application. CVE-2015-2331 bnc923240 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptiv...