33 matches found
GHSA-533M-3WF6-C33V ImageMagick: Heap Buffer Over-Write of a single byte in the JP2 encoder.
An incorrect check in the JP2 will result in an heap buffer over-write of a single byte when specifying certain options...
PT-2026-41805
An incorrect check in the JP2 will result in an heap buffer over-write of a single byte when specifying certain options...
libssh: out-of-bounds read in sftp_handle()
A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftphandle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in...
CVE-2024-42224
A vulnerability was found in the Linux kernel's mv88e6xxx driver in the mv88e6xxxdefaultmdiobus function, where an improper check for an empty linked list could lead to dereferencing a potentially invalid pointer. This issue could lead to memory corruption or crashes. Mitigation Mitigation for th...
CVE-2024-42224 net: dsa: mv88e6xxx: Correct check for empty list
In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: Correct check for empty list Since commit a3c53be55c95 "net: dsa: mv88e6xxx: Support multiple MDIO busses" mv88e6xxxdefaultmdiobus has checked that the return value of listfirstentry is non-NULL. This appears...
CVE-2024-28054
Amavis before 2.12.3 and 2.13.x before 2.13.1, in part because of its use of MIME-tools, has an Interpretation Conflict relative to some mail user agents when there are multiple boundary parameters in a MIME email message. Consequently, there can be an incorrect check for banned files or malware...
EulerOS 2.0 SP8 : squid (EulerOS-SA-2024-1301)
According to the versions of the squid package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6....
Heap overflow
A vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to an incorrect check for end-of-string values during scanning, which may result in a heap buffer...
Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 : Squid vulnerabilities (USN-6594-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6594-1 advisory. Joshua Rogers discovered that Squid incorrectly handled HTTP message processing. A remote attacker could possibly use this...
Fedora 39 : squid (2023-ab77331a34)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-ab77331a34 advisory. - New version 6.6 - Important security fixes - Removed gopher support Tenable has extracted the preceding description block directly from the Fedora...
SUSE SLES15 Security Update : squid (SUSE-SU-2023:4825-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4825-1 advisory. - Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Buffer Overread bug Squid is vulnerable to a...
CVE-2023-49286
A flaw was found in Squid due to an incorrect check of the return value in the helper process management. This issue may allow attackers to perform remote denial of service. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat...
CVE-2023-45821
Artifact Hub (artifacthub.io) has a vulnerability in the registryIsDockerHub check where the code only inspects the registry domain ending with docker.io, enabling credential hijacking by using a fake OCI registry on a domain that ends with docker.io. The issue affects how Docker credentials used...
An attacker can steal assets due to an incorrect revertInvalidWithdrawalConditions check in DelegateToken.withdraw()
Lines of code Vulnerability details Impact Function withdraw - allows principal rights owner or approved operator to withdraw the underlying token once the delegation rights have either met their expiration or been rescinded. To withdraw assets, a check is made that the assets are being withdrawn...
Incorrect check for signature malleability
Lines of code Vulnerability details Impact Sig.recover has an Incorrect check: c.v != 27 || c.v != 28. Thus, Sig.recover always reverts. Proof of Concept c.v != 27 || c.v != 28 is always true function recoverbytes32 h, Components calldata c internal pure returns address // EIP-2 and malleable...
SUSE SLES15 Security Update : kernel (Live Patch 10 for SLE 15 SP3) (SUSE-SU-2022:2239-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2239-1 advisory. - Integer Overflow or Wraparound vulnerability in iouring of Linux Kernel allows local attacker to cause memory corruption and...
SimpleSAMLphp saml2 incorrect signature validation
HTTPRedirect.php in the saml2 library in SimpleSAMLphp before 1.15.4 has an incorrect check of return values in the signature validation utilities, allowing an attacker to get invalid signatures accepted as valid by forcing an error during validation. This occurs because of a dependency on PHP...
SimpleSAMLphp InfoCard module Incorrect signature verification
The InfoCard module 1.0 for SimpleSAMLphp allows attackers to spoof XML messages by leveraging an incorrect check of return values in signature validation utilities...
Privilege Escalation
singularity-container is vulnerable to privilege escalation. The library contains an incorrect check of a function's return value, allowing attackers to gain elevated privileges...
CVE-2022-24259
An incorrect check in the component cdr.php of Voipmonitor GUI before v24.96 allows unauthenticated attackers to escalate privileges via a crafted request...