417 matches found
CVE-2023-1570
A vulnerability, which was classified as problematic, has been found in syoyo tinydng. Affected by this issue is the function interceptormemcpy of the file tinydngloader.h. The manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been...
CVE-2022-37781
fdkaac v1.0.3 was discovered to contain a heap buffer overflow via interceptormemcpy.part.46 at /sanitizercommon/sanitizercommoninterceptors.inc...
CVE-2025-4542
A vulnerability, which was classified as problematic, has been found in Freeebird Hotel 酒店管理系统 API up to 1.2. Affected by this issue is some unknown functionality of the file /src/main/java/cn/mafangui/hotel/tool/SessionInterceptor.java. The manipulation leads to permissive cross-domain policy wi...
CVE-2025-3305
A vulnerability has been found in 1902756969/code-projects IKUNLibrary 1.0 and classified as problematic. This vulnerability affects the function addInterceptors of the file MvcConfig.java of the component Borrow Handler. The manipulation leads to improper access controls. The attack can be...
OSV-2025-145 Heap-buffer-overflow in ___interceptor_strncat
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=397731139 Crash type: Heap-buffer-overflow READ 1 Crash state: interceptorstrncat processndpicollectedinfo nodecleanupwalker...
PT-2025-7664 · Git +1 · Ndpi
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-buffer-overflow READ 1 crash has been reported. The crash involves the interceptor strncat function, process ndpi collected info, and node cleanup...
OSV-2025-88 Segv on unknown address in ___interceptor_free
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=393435814 Crash type: Segv on unknown address Crash state: interceptorfree ndpifreeflowdata ndpifreeflow...
PT-2025-5671 · Git +1 · Ntopng
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash reported by OSS-Fuzz, with a Segv on an unknown address. The crash state includes references to interceptor free, ndpi fr...
CVE-2024-57757
JeeWMS before v2025.01.01 was discovered to contain a permission bypass in the component /interceptors/AuthInterceptor.cava...
PT-2025-3553 · Jeewms · Jeewms
Name of the Vulnerable Software and Affected Versions: JeeWMS versions prior to 2025.01.01 Description: The issue is related to a permission bypass in the component /interceptors/AuthInterceptor.cava. This component is part of the JeeWMS system, and the bypass could potentially allow unauthorized...
CVE-2024-13200
A vulnerability, which was classified as critical, was found in wander-chu SpringBoot-Blog 1.0. This affects the function preHandle of the file src/main/java/com/my/blog/website/interceptor/BaseInterceptor.java of the component HTTP POST Request Handler. The manipulation leads to improper access...
PT-2025-2058 · Wander Chu · Springboot-Blog
Name of the Vulnerable Software and Affected Versions: wander-chu SpringBoot-Blog version 1.0 Description: A critical vulnerability was found in the HTTP POST Request Handler component, specifically affecting the preHandle function of the BaseInterceptor.java file. This leads to improper access...
OSV-2025-4 Heap-buffer-overflow in ___interceptor_pthread_create
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=386713390 Crash type: Heap-buffer-overflow READ 8 Crash state: interceptorpthreadcreate...
PT-2025-5657 · Git +1 · Libavif
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-buffer-overflow READ 8 crash has been reported, with the crash state indicating an issue related to interceptor pthread create. No information is...
Malicious code in puppeteer-req-interceptor (npm)
Source: ghsa-malware (15ace3c3ef68e8cff62f0dfa94786912c5a2f0c8b74608de84e77f01aa897734). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-10344 Malicious code in puppeteer-req-interceptor (npm)
Source: ghsa-malware (15ace3c3ef68e8cff62f0dfa94786912c5a2f0c8b74608de84e77f01aa897734). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Amazon Linux 2023 : containerd, containerd-stress (ALAS2023-2024-697)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-697 advisory. 2024-08-28: CVE-2024-24790 was added to this advisory. 2024-08-09: CVE-2023-47108 was removed from this advisory. 2024-08-09: The severity of this advisory has been changed from Important to...
USN-6943-1 tomcat8, tomcat9 vulnerabilities
It was discovered that Tomcat incorrectly handled certain uncommon PersistenceManager with FileStore configurations. A remote attacker could possibly use this issue to execute arbitrary code. This issue only affected tomcat8 for Ubuntu 18.04 LTS. (CVE-2020-9484) It was discovered that Tomcat...
CBL Mariner 2.0 Security Update: containerd / cri-tools / docker-buildx / docker-compose / moby-containerd-cc (CVE-2023-47108)
The version of containerd / cri-tools / docker-buildx / docker-compose / moby-containerd-cc installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-47108 advisory. - OpenTelemetry-Go Contrib is a collecti...
GO-2023-2331 Denial of service in go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc
The grpc Unary Server Interceptor created by the otelgrpc package added the labels net.peer.sock.addr and net.peer.sock.port with unbounded cardinality. This can lead to the server's potential memory exhaustion when many malicious requests are sent. This leads to a denial-of-service...