4756 matches found
AZL-43245 CVE-2024-38517 affecting package rapidjson for versions less than 1.1.0-8
Tencent RapidJSON is vulnerable to privilege escalation due to an integer underflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the intege...
CVE-2024-38517
Tencent RapidJSON is vulnerable to privilege escalation due to an integer underflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the intege...
AZL-45330 CVE-2024-38517 affecting package opencc 1.1.1-3
Tencent RapidJSON is vulnerable to privilege escalation due to an integer underflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the intege...
CVE-2024-38517
Tencent RapidJSON is vulnerable to privilege escalation due to an integer underflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the intege...
UBUNTU-CVE-2024-38517
Tencent RapidJSON is vulnerable to privilege escalation due to an integer underflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the intege...
CVE-2024-38517 Tencent RapidJSON include/rapidjson/reader.h GenericReader::ParseNumber() Function Template Exponent Parsing Integer Underflow
Tencent RapidJSON is vulnerable to privilege escalation due to an integer underflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the intege...
CVE-2024-38517
CVE-2024-38517 : Tencent RapidJSON is vulnerable to a local privilege-escalation due to an integer underflow in the GenericReader::ParseNumber() function when parsing JSON text from a stream. A crafted file opened by the victim can trigger the underflow, enabling elevation of privileges. The vuln...
CVE-2024-38517 Tencent RapidJSON include/rapidjson/reader.h GenericReader::ParseNumber() Function Template Exponent Parsing Integer Underflow
Tencent RapidJSON is vulnerable to privilege escalation due to an integer underflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the intege...
CVE-2024-38517 Tencent RapidJSON include/rapidjson/reader.h GenericReader::ParseNumber() Function Template Exponent Parsing Integer Underflow
Tencent RapidJSON is vulnerable to privilege escalation due to an integer underflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the intege...
CVE-2024-38517
Tencent RapidJSON is vulnerable to privilege escalation due to an integer underflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the intege...
CVE-2024-38517
Tencent RapidJSON is vulnerable to privilege escalation due to an integer underflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the intege...
edk2: Integer underflow when processing IA_NA/IA_TA options in a DHCPv6 Advertise message
A vulnerability has been identified in the NetworkPkg IP stack of EDK2, the open-source reference implementation of the UEFI specification. This flaw enables an unauthenticated attacker within the same network vicinity to transmit a specifically crafted DHCPv6 message. Exploiting this vulnerabili...
Important: Red Hat Security Advisory: edk2 security update
An update for edk2 is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
Tencent RapidJSON Security Vulnerability
Tencent RapidJSON is a C++ rapid JSON parser/generator with SAX/DOM style API from Tencent, China. A security vulnerability exists in Tencent RapidJSON, which stems from an integer underflow issue in the GenericReader::ParseNumber function in include/rapidjson/reader.h. An attacker could use this...
Integer Underflow
Overview Affected versions of this package are vulnerable to Integer Underflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened, this triggers the integer...
RHEL 9 : edk2 (RHSA-2024:4419)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4419 advisory. EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware f...
CBL Mariner 2.0 Security Update: grub2 (CVE-2022-28733)
The version of grub2 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-28733 advisory. - Integer underflow in grubnetrecvip4packets; A malicious crafted IP packet can lead to an integer underflow in...
CVE-2024-21466 Integer Underflow (Wrap or Wraparound) in WLAN Host Communication
Information disclosure while parsing sub-IE length during new IE generation...
CVE-2024-21466 Integer Underflow (Wrap or Wraparound) in WLAN Host Communication
Information disclosure while parsing sub-IE length during new IE generation...
PUB-A-318386769
Bulletin has no description...