33 matches found
EUVD-2021-3055
Malicious code in bioql PyPI...
EulerOS 2.0 SP11 : abseil-cpp (EulerOS-SA-2025-1645)
According to the versions of the abseil-cpp package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : There exists a heap buffer overflow vulnerable in Abseil-cpp. The sized constructors, reserve, and rehash methods of absl::flat,nodehashset,map...
CVE-2020-28371
An issue was discovered in ReadyTalk Avian 1.2.0 before 2020-10-27. The FileOutputStream.write method in FileOutputStream.java has a boundary check to prevent out-of-bounds memory read/write operations. However, an integer overflow leads to bypassing this check and achieving the out-of-bounds...
freerdp security update
An update is available for freerdp. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released...
CVE-2024-53837
In prepareresponse of lwisperiodicio.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-43097
CVE-2024-43097 : The issue is a possible out-of-bounds write in SkRegion.cpp in resizeToAtLeast caused by an integer overflow, which could lead to local privilege escalation with no user interaction required. The vulnerability is referenced across multiple advisories for Mozilla components (Firef...
CVE-2024-47537
GStreamer is a library for constructing graphs of media-handling components. The program attempts to reallocate the memory pointed to by stream-samples to accommodate stream-nsamples + samplescount elements of type QtDemuxSample. The problem is that samplescount is read from the input file. And i...
CVE-2024-47537
CVE-2024-47537 affects GStreamer, specifically gstreamer1-plugins-good. The issue arises in the isomp4/qtdemux.c path where the program reallocates stream->samples to hold stream->n_samples + samples_count, with samples_count read from input. If samples_count is large, an integer overflow c...
CVE-2024-47537
GStreamer is a library for constructing graphs of media-handling components. The program attempts to reallocate the memory pointed to by stream-samples to accommodate stream-nsamples + samplescount elements of type QtDemuxSample. The problem is that samplescount is read from the input file. And i...
CVE-2024-11236 Integer overflow in the firebird and dblib quoters causing OOB writes
In PHP versions 8.1. before 8.1.31, 8.2. before 8.2.26, 8.3. before 8.3.14, uncontrolled long string inputs to ldapescape function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write...
Unspecified Vulnerability in FreeRDP (CNVD-2024-23305)
FreeRDP is an open source implementation of the Remote Desktop Protocol RDP from the FreeRDP team. A security vulnerability existed prior to FreeRDP version 3.5.0, which stemmed from the vulnerability of FreeRDP-based clients to integer overflow and out-of-bounds writes. No details of the...
Important: thunderbird
Issue Overview: AppendEncodedAttributeValue, ExtraSpaceNeededForAttrEncoding and AppendEncodedCharacters could have experienced integer overflows, causing underallocation of an output buffer leading to an out of bounds write. This vulnerability affects Firefox 124, Firefox ESR 115.9, and...
RHEL 8 : libfastjson (RHSA-2023:6976)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:6976 advisory. The libfastjson library provides essential JavaScript Object Notation JSON handling functions. The library enables users to construct JSON objects in...
CVE-2022-42533
In sharedmetadatainit of SharedMetadata.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...
SUSE SLES15 Security Update : json-c (SUSE-SU-2022:0184-2)
The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2022:0184-2 advisory. - CVE-2020-12762: Fixed integer overflow and out-of-bounds write. bsc1171479 Tenable has extracted the preceding description block directly from the SU...
SUSE: Security Advisory (SUSE-SU-2022:0184-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-38166
In kernel/bpf/hashtab.c in the Linux kernel through 5.13.8, there is an integer overflow and out-of-bounds write when many elements are placed in a single bucket. NOTE: exploitation might be impractical without the CAPSYSADMIN capability...
Denial Of Service (DoS)
openexr is vulnerable to denial of service DoS. The vulnerability exists through a flaw in OpenEXR's deep tile sample size calculations in versions before 3.0.0-beta, that could trigger an integer overflow, subsequently leading to an out-of-bounds read...
EulerOS Virtualization 2.9.0 : open-iscsi (EulerOS-SA-2021-1639)
According to the versions of the open-iscsi package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, an...
CVE-2020-35738
WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in packutils.c because of an integer overflow in a malloc argument. NOTE: some third-parties claim that there are later "unofficial" releases through 5.3.2, which are also affected...