15 matches found
CVE-2026-47329
CVEs-2026-47329 affects Ubuntu Linux releases 6.8, 6.17 and 7.0 due to SAUCE patches failing to validate invalid sizes of the name field in AppArmor notification responses. The issue can be triggered by an unprivileged local user and may cause incorrect handling of crafted responses. Root cause: ...
Canonical Ubuntu Linux 安全漏洞
Canonical Ubuntu Linux is a Linux operating system developed by the British company Canonical. The Canonical Ubuntu Linux 6.8, 6.17, and 7.0 versions contain security vulnerabilities. These vulnerabilities stem from an inability to verify the invalid size of the name field in AppArmor...
kernel: efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare
A slab-out-of-bounds exists in the linux kernel in efivarfsdcompare, such that the issue can be triggered by parallel lookups using an invalid filename due to an incorrect memcmp function...
EUVD-2020-2704
Malware in sbrugna...
CVE-2020-10249
BWA DiREX-Pro 1.2181 devices allow full path disclosure via an invalid name array parameter to valsoft.php3...
CVE-2022-4769
Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.0 and 9.3.0.2, including 8.3.x display the target path on host when a file is uploaded with an invalid character in its name...
SUSE CVE-2012-1172
The file-upload implementation in rfc1867.c in PHP before 5.4.0 does not properly handle invalid open square bracket characters in name values, which makes it easier for remote attackers to cause a denial of service malformed $FILES indexes or conduct directory traversal attacks during multi-file...
SUSE CVE-2013-4343
Use-after-free vulnerability in drivers/net/tun.c in the Linux kernel through 3.11.1 allows local users to gain privileges by leveraging the CAPNETADMIN capability and providing an invalid tuntap interface name in a TUNSETIFF ioctl call...
Oracle Linux 8 : go-toolset:ol8 (ELSA-2022-1819)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-1819 advisory. delve 1.7.2-1.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.7.2-1 - Rebase to 1.7.2 - Related: rhbz2014088 golang 1.17.7-1 - Rebase...
openSUSE 15 Security Update : go1.17 (openSUSE-SU-2021:3833-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:3833-1 advisory. - ImportedSymbols in debug/macho for Open or OpenFat in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End...
CVE-2021-41772
Go before 1.16.10 and 1.17.x before 1.17.3 allows an archive/zip Reader.Open panic via a crafted ZIP archive containing an invalid name or an empty filename field...
CVE-2021-41772
Go before 1.16.10 and 1.17.x before 1.17.3 allows an archive/zip Reader.Open panic via a crafted ZIP archive containing an invalid name or an empty filename field...
CVE-2021-41772
Go before 1.16.10 and 1.17.x before 1.17.3 allows an archive/zip Reader.Open panic via a crafted ZIP archive containing an invalid name or an empty filename field...
CVE-2020-10249
BWA DiREX-Pro 1.2181 devices allow full path disclosure via an invalid name array parameter to valsoft.php3...
DEBIAN-CVE-2014-3484
Multiple stack-based buffer overflows in the dnexpand function in network/dnexpand.c in musl libc 1.1x before 1.1.2 and 0.9.13 through 1.0.3 allow remote attackers to 1 have unspecified impact via an invalid name length in a DNS response or 2 cause a denial of service crash via an invalid name...