266 matches found
PYSEC-2023-11
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions Cipher.updateinto would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects such as bytes to b...
GHSA-W7PP-M8WF-VJ6R Cipher.update_into can corrupt memory if passed an immutable python object as the outbuf
Previously, Cipher.updateinto would accept Python objects which implement the buffer protocol, but provide only immutable buffers: pycon outbuf = b"\x00" 32 c = ciphers.CipherAESb"\x00" 32, modes.ECB.encryptor c.updateintob"\x00" 16, outbuf 16 outbuf...
PT-2023-2766 · Pypi +10 · Cryptography +10
Name of the Vulnerable Software and Affected Versions: cryptography versions 1.8 through the latest version before the fix Description: The issue is related to the Cipher.update into function in the cryptography package, which would accept Python objects that implement the buffer protocol but...
CVE-2022-44721
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-2841. Reason: This issue was MERGED into CVE-2022-2841 in accordance with CVE content decisions, because it is the same type of vulnerability and affects the same versions. Notes: All CVE users should reference CVE-2022-2841 instead of this...
Exploit for Improper Access Control in Webmin
WebminRCE-exploit CVE-2022-0824, CVE-2022-0829 - File Manger p...
new packages: python-into-dbus-python
An update is available for python-into-dbus-python. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the...
CVE-2022-27902
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-1215. Reason: This issue was MERGED into CVE-2022-1215 in accordance with CVE content decisions, because it is the same type of vulnerability and affects the same versions. Notes: All CVE users should reference CVE-2022-1215 instead of this...
CentOS 8 : thunderbird (CESA-2021:4130)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2021:4130 advisory. - Mozilla: iframe sandbox rules did not apply to XSLT stylesheets CVE-2021-38503 - Mozilla: Use-after-free in file picker dialog CVE-2021-38504 -...
The vulnerability of the copyIntoFrameBuffer function in software for storing OpenEXR images with a wide dynamic range of brightness levels, related to writing beyond the buffer’s boundaries, allows attackers to access confidential data, compromise its integrity, and cause service failures.
The vulnerability of the copyIntoFrameBuffer function in software for storing OpenEXR images with a wide dynamic range of brightness is related to writing beyond the buffer’s boundaries. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its...
libwebp: heap-based buffer overflow in WebPDecode*Into functions
A flaw was found in libwebp. A heap-based buffer overflow in functions WebPDecodeInto is possible due to an invalid check for buffer size. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...
AZL-41851 CVE-2021-27378 affecting package librsvg2 for versions less than 2.58.1-1
An issue was discovered in the randcore crate before 0.6.2 for Rust. Because readu32into and readu64into mishandle certain buffer-length checks, a random number generator may be seeded with too little data...
EventList's From<EventList> conversions can double drop on panic.
Affected versions of this crate read from a container using ptr::read in From, and then call a user specified Into function. This issue can result in a double-free if the user provided function panics...
RUSTSEC-2021-0011 EventList's From<EventList> conversions can double drop on panic.
Affected versions of this crate read from a container using ptr::read in From, and then call a user specified Into function. This issue can result in a double-free if the user provided function panics...
PT-2020-6398 · Openexr · Openexr
Name of the Vulnerable Software and Affected Versions: OpenEXR versions prior to 3.0.1 Description: A heap-buffer overflow was found in the copyIntoFrameBuffer function of OpenEXR. This issue allows an attacker to execute arbitrary code with the permissions of the user running the application...
SUSE SLED15 / SLES15 Security Update : java-11-openjdk (SUSE-SU-2020:2143-1)
This update for java-11-openjdk fixes the following issues : Update to upstream tag jdk-11.0.8+10 July 2020 CPU, bsc1174157 - Security fixes : + JDK-8230613: Better ASCII conversions + JDK-8231800: Better listing of arrays + JDK-8232014: Expand DTD support + JDK-8233234: Better Zip Naming +...
sqlite: mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames
ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames, leading to a memory-management error that can be detected by for example valgrind...
Moderate: Red Hat Security Advisory: sqlite security and bug fix update
An update for sqlite is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
RHEL 8 : sqlite (RHSA-2020:1810)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1810 advisory. SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a singl...
Oracle Solaris Common Desktop Environment 1.6 - Local Privilege Escalation
Title: Oracle Solaris Common Desktop Environment 1.6 - Local Privilege Escalation Date: 2020-04-21 Author: Marco Ivaldi Vendor: www.oracle.com CVE: CVE-2020-2944 / raptorsdtcmconv.c - CDE sdtcmconvert LPE for Solaris/Intel Copyright c 2019-2020 Marco Ivaldi A buffer overflow in the SanityCheck...
UBUNTU-CVE-2020-11764
An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds write in copyIntoFrameBuffer in ImfMisc.cpp...