15 matches found
ROS-20260429-73-0017
A vulnerability in the PostgreSQL database management system is related to incorrect array indexing. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code in the context of the current user using specially crafted queries...
ROS-20260429-73-0020
A vulnerability in the PostgreSQL database management system is related to incorrect array indexing. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code in the context of the current user using specially crafted queries...
Vulnerability of the bnxt_rx_pkt() function in the drivers/net/ethernet/broadcom/bnxt/bnxt.c module – A Linux kernel Ethernet network adapter driver support mechanism that allows an attacker to access protected information or cause service failure.
Vulnerability of the bnxtrxpkt function in the drivers/net/ethernet/broadcom/bnxt/bnxt.c module – The Linux kernel’s Ethernet network adapter support driver has vulnerabilities related to indexing mechanisms. Exploiting this vulnerability could allow attackers to access protected information or...
govuk_tech_docs vulnerable to unescaped HTML on search results page
Impact Pages that are indexed in search results have their entire contents indexed, including any HTML code snippets. These HTML snippets would appear in the search results unsanitised, so it was possible to render arbitrary HTML or run arbitrary scripts. This is a low risk security issue; to...
The vulnerability of the SBIOS component in NVIDIA’s DGX A100 IpSecDxe server allows a attacker to execute arbitrary code, cause service failures, or compromise the integrity of the protected information.
The vulnerability of the SBIOS component in the NVIDIA DGX A100 IpSecDxe server is related to unvalidated array indexing. Exploiting this vulnerability can allow an attacker to execute arbitrary code, cause service failures, or compromise the integrity of the protected information...
OpenJDK: Array indexing issues in LIRGenerator (Hotspot, 8272014)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allow...
OpenJDK: Array indexing issues in LIRGenerator (Hotspot, 8272014)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allow...
OpenJDK: Array indexing issues in LIRGenerator (Hotspot, 8272014)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allow...
kernel: buffer uses out of index in ext3/4 filesystem
A memory out-of-bounds read flaw was found in the Linux kernel's ext3/ext4 file system, in the way it accesses a directory with broken indexing. This flaw allows a local user to crash the system if the directory exists. The highest threat from this vulnerability is to system availability...
USN-4579-1 linux, linux-aws, linux-kvm, linux-lts-xenial, linux-raspi2, linux-snapdragon vulnerabilities
Hadar Manor discovered that the DCCP protocol implementation in the Linux kernel improperly handled socket reuse, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-16119 Wen Xu discover...
UBUNTU-CVE-2015-5685
The lazybdecode function in BitTorrent DHT bootstrap server bootstrap-dht allows remote attackers to execute arbitrary code via a crafted packet, related to "improper indexing."...
Firefox < 40 Multiple Vulnerabilities
The version of Firefox installed on the remote Windows host is prior to 40. It is, therefore, affected by the following vulnerabilities : - Multiple memory corruption issues exist that allow a remote attacker, via a specially crafted web page, to corrupt memory and potentially execute arbitrary...
Squid 3.x < 3.4.8 Multiple Vulnerabilities
According to its banner, the version of Squid running on the remote host is 3.x prior to 3.4.8. Therefore, it may be affected by the following vulnerabilities : - A off-by-one overflow flaw exists within the SNMP processing component. By using a specially crafted UDP SNMP request, a remote attack...
PHP 5.4.x < 5.4.34 / 5.5.x < 5.5.18 / 5.6.x < 5.6.2 Multiple Vulnerabilities
Binary data 8563.prm...
Oracle Java AWT Memory Corruption Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific vulnerability is an array indexing flaw...