2874 matches found
CVE-2023-52728
Open Networking Foundation SD-RAN ONOS onos-lib-go 0.10.25 allows an index out-of-range condition in putBitString...
CVE-2023-52727
Open Networking Foundation SD-RAN ONOS onos-lib-go 0.10.25 allows an index out-of-range condition in parseAlignBits...
PT-2024-14717 · Open Networking Foundation · Onos-Lib-Go
Name of the Vulnerable Software and Affected Versions: Open Networking Foundation SD-RAN ONOS onos-lib-go version 0.10.25. Description: The issue allows an index out-of-range condition in putBitString. There is no information provided about the estimated number of potentially affected devices...
CVE-2023-52727
The CVE concerns Open Networking Foundation's ONOS project, specifically the onos-lib-go component at version 0.10.25, with the root cause in parseAlignBits causing an index out-of-range condition. Reported impacts in multiple sources describe an Out-of-Bounds Read leading to potential Denial of ...
RHEL 6 / 7 : rh-ruby24-ruby (RHSA-2018:0584)
The remote Red Hat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0584 advisory. Ruby is an extensible, interpreted, object-oriented scripting language. It has features to process text files and to perform system...
cmseasy security vulnerability
CmsEasy is a content management system (CMS) for creating responsive websites, from China's CmsEasy Technology. A security vulnerability exists in cmseasy version v7.7.7.9, which originates from a path traversal vulnerability in the lib/admin/image.admin.php file...
CVE-2024-26880 dm: call the resume method on internal suspend
In the Linux kernel, the following vulnerability has been resolved: "dm: call the resume method on internal suspend". There is this reported crash when experimenting with the lvm2 testsuite. The list corruption is caused by the fact that the postsuspend and resume methods were not paired correctly;...
kernel security, bug fix, and enhancement update
[4.18.0-513.24.19.OL8] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmodsigningkey.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and...
Remote Code Execution
maildev is vulnerable to Remote Code Execution. The vulnerability is due to insufficient input validation and sanitization of crafted Content-ID header for an e-mail attachment, resulting in lib/mailserver.js writing arbitrary code into the routes.js file...
blind-rsa-signatures (=0.9.0), cyfs-base (>=0.5.0 <=0.6.12) +6 more potentially affected by unknown CVE via rsa-export (>=0.1.2 <=0.3.3)
rsa-export CARGO version =0.1.2, =0.5.0, =0.5.0, =0.2.7, =0.1.2, =0.1.4 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2024-0333...
redhat-support-lib-python and redhat-support-tool bug fix and enhancement update
An update is available for redhat-support-tool, redhat-support-lib-python. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The redhat-support-tool utility...
MailDev Remote Code Execution
MailDev 2 through 2.1.0 allows Remote Code Execution via a crafted Content-ID header for an e-mail attachment, leading to lib/mailserver.js writing arbitrary code into the routes.js file...
GHSA-VC6Q-CCJ9-9R89 MailDev Remote Code Execution
MailDev 2 through 2.1.0 allows Remote Code Execution via a crafted Content-ID header for an e-mail attachment, leading to lib/mailserver.js writing arbitrary code into the routes.js file...
CVE-2024-27448
MailDev 2 through 2.1.0 allows Remote Code Execution via a crafted Content-ID header for an e-mail attachment, leading to lib/mailserver.js writing arbitrary code into the routes.js file...
CVE-2024-27448
MailDev versions 2 through 2.1.0 are vulnerable to Remote Code Execution via a crafted Content-ID header in an email attachment, causing lib/mailserver.js to write arbitrary code into routes.js. This is a network-borne vulnerability with high impact (CRITICAL CVSS 3.1), and there is public exploi...
OracleVM 3.4 : kernel-uek (OVMSA-2024-0004)
The remote OracleVM system is missing necessary patches to address security updates: - A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a...