PgBouncer 输入验证错误漏洞

PgBouncer is an open-source, lightweight connection pool for PostgreSQL developed by the PgBouncer community. Prior to PgBouncer 1.25.2, there was a vulnerability related to input validation errors. This vulnerability stemmed from integer overflows in the network packet parsing code, which allowe...

ONE 输入验证错误漏洞

ONE is a high-performance edge-side neural network inference framework developed by Samsung. Versions prior to ONE 1.30.0 contained a vulnerability related to input validation errors. This vulnerability stemmed from integer overflows during the calculation of memory copy sizes, which could lead t...

LibTIFF 输入验证错误漏洞

LibTIFF is an open-source library for reading and writing TIFF Tagged Image File Format files. This library includes some command-line tools for processing TIFF files. LibTIFF has a vulnerability related to input validation errors. This vulnerability stems from an integer overflow in the...

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. In versions prior to 146.0.7680.153, there was a vulnerability related to input validation. This vulnerability stemmed from an integer overflow in the ANGLE component of the Windows system, which could allow remote attackers to exploit heap...

EUVD-2022-32321

Malicious code in bioql PyPI...

Fortinet多款产品 输入验证错误漏洞

Fortinet FortiOS and others are products of Fortinet, Inc.Fortinet FortiOS is a dedicated security operating system on the FortiGate network security platform.Fortinet FortiProxy SSL VPN is a software application.Fortinet FortiPAM is a platform for privilege access control. An input validation...

webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution

A flaw was found in webkitgtk. The vulnerability occurs due to improper input validation, which can lead to an integer overflow. An attacker with network access could pass specially crafted web content files causing an application to halt, crash, or may lead to arbitrary code execution...

CVE-2022-35963

TensorFlow is an open source platform for machine learning. The implementation of FractionalAvgPoolGrad does not fully validate the input originputtensorshape. This results in an overflow that results in a CHECK failure which can be used to trigger a denial of service attack. We have patched the...

Ashlar-Vellum Cobalt 输入验证错误漏洞

Ashlar-Vellum Cobalt is a parameter-based computer-aided design and 3D modeling program from Ashlar-Vellum. An input validation error vulnerability exists in Ashlar-Vellum Cobalt, which stems from an integer overflow when parsing an LI file and could lead to remote code execution...

GTKWave 输入验证错误漏洞

GTKWave is a full-featured, GTK+-based waveform viewer from GTKWave. An integer overflow vulnerability exists in GTKWave version 3.3.115, which can be exploited by an attacker to cause arbitrary code execution via a specially crafted fst file...

GTKWave 输入验证错误漏洞

GTKWave is a full-featured, GTK+-based waveform viewer from GTKWave. An integer overflow vulnerability exists in GTKWave version 3.3.115, which can be exploited by an attacker to cause arbitrary code execution via a specially crafted fst file...

GTKWave 输入验证错误漏洞

GTKWave is a full-featured, GTK+-based waveform viewer from GTKWave. GTKWave suffers from an integer overflow vulnerability that can be exploited by an attacker to execute arbitrary code via a specially crafted .lxt2 file...

GTKWave 输入验证错误漏洞

GTKWave is a full-featured, GTK+-based waveform viewer from GTKWave. An integer overflow vulnerability exists in GTKWave version 3.3.115. An attacker can exploit this vulnerability to cause arbitrary code execution via a specially crafted .lxt2 file...

JustSystems Ichitaro Input Validation Error Vulnerability

JustSystems Ichitaro is a Japanese word processing software from JustSystems. An input validation error vulnerability exists in JustSystems Ichitaro 2023 version 1.0.1.59372, which is caused by an integer overflow in the HyperLinkFrame stream parser, where a specially crafted document may cause t...

MediaTek 芯片输入验证错误漏洞

MediaTek chips are a variety of chips from MediaTek, a Chinese company MediaTek. The MediaTek chips contain a security vulnerability that originates from an integer overflow that results in an out-of-bounds write. An attacker could exploit the vulnerability to escalate privileges. The following...

NVIDIA DGX 输入验证错误漏洞

NVIDIA DGX is a high-performance workstation for deep learning applications from NVIDIA. The NVIDIA DGX A100 suffers from an input validation error vulnerability that stems from an integer overflow in the SBIOS in SmmCore. An attacker could exploit the vulnerability by passing specially crafted...

FISCO-BCOS 输入验证错误漏洞

FISCO-BCOS is an open source, secure and controlled enterprise-level financial blockchain underlying technology platform. A security vulnerability exists in FISCO-BCOS release-3.0.0-rc2, which can be exploited by an attacker to trigger an integer overflow and cause a denial of service DoS via an...

Fortinet FortiOS 输入验证错误漏洞

Fortinet FortiOS is a security operating system dedicated to the FortiGate network security platform from Fortinet, a US-based company. Fortinet FortiOS is vulnerable to an integer overflow vulnerability that could be exploited by an attacker to corrupt control data on the heap with a specially...

Sendmail 8.118.12 Debugger - Arbitrary Code Execution (2)

Sendmail 8.118.12 Debugger - Arbitrary Code Execution 2 // source: https://www.securityfocus.com/bid/3163/info An input validation error exists in Sendmail's debugging functionality. The problem is the result of the use of signed integers in the program's tTflag function, which is responsible for...