The vulnerability of the cpStripToTile() function (tools/tiffcp.c) in the LibTIFF library, which is related to writing beyond the buffer boundaries in memory, allows a malicious actor to trigger a service failure.

The vulnerability of the cpStripToTile function tools/tiffcp.c in the LibTIFF library is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause a service failure...

Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2024-12150)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12150 advisory. - sched/rt: picknextrtentity: check listentry Pietro Borrello Orabug: 35181559 CVE-2023-1077 - net/sched: schhfsc: Ensure inner classes have fsc curve...

OESA-2024-1145 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: A Null pointer dereference problem was found in idafree in lib/idr.c in the Linux Kernel. This issue may allow an attacker using this library to cause a denial of service problem due to a missing check at a function...

Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2024-510)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-510 advisory. A flaw has been found in Xen. An unprivileged guest can cause Denial of Service DoS of the host by sending network packets to the backend, causing the backend to crash. CVE-2023-46838 A Null...

PT-2024-20534 · Crafatar · Crafatar

Name of the Vulnerable Software and Affected Versions: Crafatar versions prior to 2.1.5 Description: Crafatar serves Minecraft avatars based on the skin for use in external applications. Files outside of the lib/public/ directory can be requested from the server. Instances running behind...

Security Bulletin: Vulnerability with Kernel and Lib cURL affect IBM Cloud Object Storage Systems (Jan 2024v1)

Summary Vulnerability with Kernel - CVE-2023-5717, CVE-2023-3772, CVE-2023-39194, CVE-2023-39192, CVE-2023-46219, CVE-2023-39193, CVE-2023-45863, CVE-2023-1206, & CVE-2023-4208 and Lib cURL CVE-2023-46218 This vulnerability have been addressed in the latest ClevOS releases Vulnerability Details...

carpo (>=0.1.2 <=0.1.3), chimper (>=0.1.2 <=0.2.1) +7 more potentially affected by unknown CVE via conrod (>=0.51.1 <=0.61.1)

conrod CARGO version =0.51.1, =0.1.2, =0.1.2, =0.1.0, =1.0.0, =0.1.0, =0.2.0, =1.0.0, =0.1.0, =0.1.4 - turbine =0.0.2 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2024-0397...

Kernel: null pointer dereference vulnerability in ida_free in lib/idr.c

...

SUSE CVE-2024-22563

openvswitch 2.17.8 was discovered to contain a memory leak via the function xmalloc in openvswitch-2.17.8/lib/util.c...

The vulnerability of the ida_free() function in the lib/idr.c module of the Linux kernel allows a hacker to cause a service failure.

The vulnerability of the idafree function in the lib/idr.c module of the Linux kernel is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...

Fedora 38 : kernel (2024-c4ec5006e3)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-c4ec5006e3 advisory. The 6.6.12 stable kernel update contains a number of important fixes across the tree. Tenable has extracted the preceding description block directly...

CVE-2024-22563

openvswitch 2.17.8 was discovered to contain a memory leak via the function xmalloc in openvswitch-2.17.8/lib/util.c...

DEBIAN-CVE-2024-22563

openvswitch 2.17.8 was discovered to contain a memory leak via the function xmalloc in openvswitch-2.17.8/lib/util.c...

Stack overflow

swftools 0.9.2 was discovered to contain a Stack Buffer Underflow via the function dictforeachkeyvalue at swftools/lib/q.c...

UBUNTU-CVE-2024-22563

openvswitch 2.17.8 was discovered to contain a memory leak via the function xmalloc in openvswitch-2.17.8/lib/util.c...

CVE-2024-22563

openvswitch 2.17.8 was discovered to contain a memory leak via the function xmalloc in openvswitch-2.17.8/lib/util.c...

BeerHolderBot (>=0.1.0 <=0.3.6), GetPDB (>=0.1.0 <=1.0.1) +4597 more potentially affected by CVE-2019-9514 via h2 (>=0.1.26 <=0.3.21)

h2 CARGO version =0.1.26, =0.1.0, =0.1.0, =0.0.2, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.0.1, =0.2.0-alpha.0 and more Source cves: CVE-2019-9514 Source advisory: OSV:RUSTSEC-2024-0003...

Security Bulletin: There are multiple vulnerabilities in mas-data-dictionary-lib-1.0.0.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2022-1471, CVE-2023-1370 and CVE-2021-42550)

Summary There are multiple vulnerabilities in mas-data-dictionary-lib-1.0.0.jar used by IBM Maximo Manage application in IBM Maximo Application Suite Vulnerability Details CVEID:CVE-2022-1471 DESCRIPTION: SnakeYaml could allow a remote authenticated attacker to execute arbitrary code on the syste...

DEBIAN-CVE-2023-6915

A Null pointer dereference problem was found in idafree in lib/idr.c in the Linux Kernel. This issue may allow an attacker using this library to cause a denial of service problem due to a missing check at a function return...

CVE-2023-6915

A Null pointer dereference problem was found in idafree in lib/idr.c in the Linux Kernel. This issue may allow an attacker using this library to cause a denial of service problem due to a missing check at a function return...