CVE-2024-26327

An issue was discovered in QEMU 7.1.0 through 8.2.1. registervfs in hw/pci/pciesriov.c mishandles the situation where a guest writes NumVFs greater than TotalVFs, leading to a buffer overflow in VF implementations...

nss security update

3.90.0-6 - Fix ecc DER wrapping. 3.90.0-5 - Pick up validated constant time implementations of p256, p384, and p521 from upsream - More Fips indicator changes...

nss security update

3.90.0-6 - Fix ecc DER wrapping. 3.90.0-5 - Pick up validated constant time implementations of p256, p384, and p521 from upsream - More Fips indicator changes...

GTKWave FST fstReaderIterBlocks2 vesc allocation integer overflow vulnerability

Talos Vulnerability Report TALOS-2023-1790 GTKWave FST fstReaderIterBlocks2 vesc allocation integer overflow vulnerability January 8, 2024 CVE Number CVE-2023-35992 SUMMARY An integer overflow vulnerability exists in the FST fstReaderIterBlocks2 vesc allocation functionality of GTKWave 3.3.115,...

SMTP Smuggling: New Flaw Lets Attackers Bypass Security and Spoof Emails

A new exploitation technique called Simple Mail Transfer Protocol SMTP smuggling can be weaponized by threat actors to send spoofed emails with fake sender addresses while bypassing security measures. "Threat actors could abuse vulnerable SMTP servers worldwide to send malicious emails from...

New Terrapin Flaw Could Let Attackers Downgrade SSH Protocol Security

Security researchers from Ruhr University Bochum have discovered a vulnerability in the Secure Shell SSH cryptographic network protocol that could allow an attacker to downgrade the connection's security by breaking the integrity of the secure channel. Called Terrapin CVE-2023-48795, CVSS score:...

CVE-2023-48795

The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted from the extension negotiation message, and a client and server may consequently end up with a connecti...

Return values of transfer()/transferFrom() not checked

Lines of code 377, 509, 491, 530, 42, 50 Vulnerability details Not all IERC20 implementations revert when there's a failure in transfer/transferFrom. The function signature has a boolean return value and they indicate errors that way instead. By not checking the return value, operations that shou...

GHSA-XQ59-7JF3-RJC6 piccolo SQL Injection via named transaction savepoints

Summary The handling of named transaction savepoints in all database implementations is vulnerable to SQL Injection as user provided input is passed directly to connection.execute... via f-strings. Details An excerpt of the Postgres savepoint handling: python async def savepointself, name:...

ODSafeManager#allowSAFE() cannot be executed either by the proxy contract or any other address.

Lines of code Vulnerability details Impact "According to the GEB framework, the proxy contracts ODProxy are designed to interact with the Safe Manager ODSafeManager through the Proxy Action contract BasicActions. The pivotal function, allowSAFE, is responsible for granting an address the capabili...

CVE-2023-39331

A previously disclosed vulnerability CVE-2023-30584 was patched insufficiently in commit 205f1e6. The new path traversal vulnerability arises because the implementation does not protect itself against the application overwriting built-in utility functions with user-defined implementations. Please...

CVE-2023-22089

...

Sql injection

Affected 1E Platform versions have a Blind SQL Injection vulnerability that can lead to arbitrary code execution. Application of the relevant hotfix remediates this issue. for v8.1.2 apply hotfix Q23166 for v8.4.1 apply hotfix Q23164 for v9.0.1 apply hotfix Q23169 SaaS implementations on v23.7.1...

Fedora 38 : chromium (2023-3bfb63f6d2)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-3bfb63f6d2 advisory. update to 117.0.5938.62. Fixes following security issues: CVE-2023-4900 CVE-2023-4901 CVE-2023-4902 CVE-2023-4903 CVE-2023-4904 CVE-2023-4905...

[SECURITY] Fedora 37 Update: ntp-refclock-0.6-1.fc37

ntp-refclock is a wrapper for reference clock drivers included in the ntpd daemon, which enables other NTP implementations to use the supported hardware reference clocks for synchronization of the system clock. It provides a minimal environment for the drivers to be able to run in a separate...

[SECURITY] Fedora 37 Update: pypy3.9-7.3.11-2.3.9.fc37

PyPy's implementation of Python 3.9, featuring a Just-In-Time compiler on some CPU architectures, and various optimized implementations of the standard types strings, dictionaries, etc.. This build of PyPy has JIT-compilation enabled...

[SECURITY] Fedora 37 Update: pypy-7.3.11-2.fc37

PyPy's implementation of Python, featuring a Just-In-Time compiler on some CPU architectures, and various optimized implementations of the standard types strings, dictionaries, etc This build of PyPy has JIT-compilation enabled...

Sql injection

Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to SQL injection in the datadictionary.py tableinfo. User input coming from the dbname in a...

CVE-2023-30558

CVE-2023-30558 affects Archery, an open source SQL audit platform. The vulnerability arises from multiple SQL injection flaws in the sql/data_dictionary.py table_list endpoint, where untrusted input from the db_name parameter is concatenated into SQL queries and passed to database engines. Affect...

K16961: TLS MAC error vulnerability

Security Advisory Description Some TLS implementations fail to correctly check the MAC on TLS messages. Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has evaluated the currently supported releases for potential...