2120 matches found
SUSE CVE-2018-14615
An issue was discovered in the Linux kernel through 4.17.10. There is a buffer overflow in truncateinlineinode in fs/f2fs/inline.c when umounting an f2fs image, because a length value may be negative...
SUSE CVE-2019-12269
Enigmail before 2.0.11 allows PGP signature spoofing: for an inline PGP message, an attacker can cause the product to display a "correctly signed" message indication, but display different unauthenticated text...
SUSE CVE-2019-18389
A heap-based buffer overflow in the vrendrenderertransferwriteiov function in vrendrenderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service, or QEMU guest-to-host escape and code execution, via VIRGLCCMDRESOURCEINLINEWRITE commands...
SUSE CVE-2019-18391
A heap-based buffer overflow in the vrendrenderertransferwriteiov function in vrendrenderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via VIRGLCCMDRESOURCEINLINEWRITE commands...
SUSE CVE-2019-19118
Django 2.1 before 2.1.15 and 2.2 before 2.2.8 allows unintended model editing. A Django model admin displaying inline related models, where the user has view-only permissions to a parent model but edit permissions to the inline model, would be presented with an editing UI, allowing POST requests,...
SUSE CVE-2020-1766
Due to improper handling of uploaded images it is possible in very unlikely and rare conditions to force the agents browser to execute malicious javascript from a special crafted SVG file rendered as inline jpg file. This issue affects: OTRS Community Edition 5.0.x version 5.0.39 and prior...
SUSE CVE-2021-29957
If a MIME encoded email contains an OpenPGP inline signed or encrypted message part, but also contains an additional unprotected part, Thunderbird did not indicate that only parts of the message are protected. This vulnerability affects Thunderbird 78.10.2...
SUSE CVE-2021-29988
Firefox incorrectly treated an inline list-item element as a block element, resulting in an out of bounds read or memory corruption, and a potentially exploitable crash. This vulnerability affects Thunderbird 78.13, Thunderbird 91, Firefox ESR 78.13, and Firefox 91...
SUSE CVE-2021-40490
A race condition was discovered in ext4writeinlinedataend in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13...
SUSE CVE-2022-34749
In mistune through 2.0.2, support of inline markup is implemented by using regular expressions that can involve a high amount of backtracking on certain edge cases. This behavior is commonly named catastrophic backtracking...
GSD-2023-1002021 io_uring/poll: add hash if ready poll request can't complete inline
iouring/poll: add hash if ready poll request can't complete inline This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.7 by commit...
PT-2023-34922 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.11 Description: The issue concerns the gfs2 component, specifically with how it handles inline inodes. It is noted that the actual impact and potential for attack have not been proven yet. Recommendations:...
Python Exec, Python Meterpreter Shell, Bind TCP Inline
Execute a Python payload from a command. Connect to the victim and spawn a Meterpreter shell Module Options msf use payload/cmd/windows/python/meterpreterbindtcp msf payloadmeterpreterbindtcp show actions ...actions... msf payloadmeterpreterbindtcp set ACTION msf payloadmeterpreterbindtcp show...
Python Exec, Python Meterpreter Shell, Reverse HTTP Inline
Execute a Python payload from a command. Connect back to the attacker and spawn a Meterpreter shell Module Options msf use payload/cmd/windows/python/meterpreterreversehttp msf payloadmeterpreterreversehttp show actions ...actions... msf payloadmeterpreterreversehttp set ACTION msf...
Optimizer Bug Regarding Memory Side Effects of Inline Assembly
Lines of code Vulnerability details Impact This bug only occurs under very specific conditions: the legacy optimizer must be enabled rather than the IR pipeline true for the current project configuration, and the affected assembly blocks must not refer to any local Solidity variables Proof of...
PT-2023-12221 · Openeuler · Byacc
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: When a file is processed, an infinite loop occurs in the next inline function of the more curly function. Recommendations: At the moment, there is no...
GSD-2023-1001269 btrfs: fix resolving backrefs for inline extent followed by prealloc
btrfs: fix resolving backrefs for inline extent followed by prealloc This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.163 by commit...
GSD-2023-1001243 ext4: fix delayed allocation bug in ext4_clu_mapped for bigalloc + inline
ext4: fix delayed allocation bug in ext4clumapped for bigalloc + inline This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.163 by commit...
GSD-2023-1000905 btrfs: fix resolving backrefs for inline extent followed by prealloc
btrfs: fix resolving backrefs for inline extent followed by prealloc This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.87 by commit...
GSD-2023-1000445 btrfs: fix resolving backrefs for inline extent followed by prealloc
btrfs: fix resolving backrefs for inline extent followed by prealloc This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.18 by commit...