AppImage Vim loads libc.so.6 from pwd
Description The AppImage distribution of vim loads libc.so.6 from the current directory of the user. An attacker with control of files in a directory where the user uses vim could execute arbitrary code. Proof of Concept Proof of concept will use a malicious libc.so.6 generated with below patch ...
NULL Pointer Dereference in function xml_sax_append_string
Description NULL Pointer Dereference In utils/xmlparser.c:963 Environment No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu 20.04 LTS Release: 20.04 Codename: focal Version MP4Box - GPAC version 2.3-DEV-rev293-g56eed04c2-master c 2000-2023 Telecom Paris distributed under LG...
OTFCC has unspecified vulnerabilities
OTFCC is a C library and utility open sourced by Caryll. It is used to parse and write OpenType font files. OTFCC has a security vulnerability that stems from a segmentation violation located at its /lib/x86_64-linux-gnu/libc.so.6+0xbb384. No detailed vulnerability details are currently available...
CVE-2022-35023
OTFCC commit 617837b was discovered to contain a segmentation violation via /lib/x86_64-linux-gnu/libc.so.6+0xbb384...
OTFCC code issue vulnerability
OTFCC is a C library and utility open sourced by Caryll. It is used to parse and write OpenType font files. OTFCC version 0.10.4 contains a code issue vulnerability that stems from a lack of proper validation of user-supplied data in the /x86_64-linux-gnu/libc.so.6+0xbb384 file, which can be exploit...
CVE-2022-35469
OTFCC v0.10.4 was discovered to contain a segmentation violation via /x86_64-linux-gnu/libc.so.6+0xbb384...
Input validation
OTFCC v0.10.4 was discovered to contain a segmentation violation via /x86_64-linux-gnu/libc.so.6+0xbb384...
CVE-2022-35469
Technical details for CVE-2022-35469 are not publicly available in the provided documents; connected EUVD entries refer to unrelated PyPI bioql issues. Monitor for updates.
CVE-2021-46543
Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via /lib/x86_64-linux-gnu/libc.so.6+0x18e810. This vulnerability can lead to a Denial of Service (DoS)...
CVE-2021-46539
Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via /lib/x86_64-linux-gnu/libc.so.6+0x45a1f. This vulnerability can lead to a Denial of Service (DoS)...
CVE-2021-46545
Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via /lib/x86_64-linux-gnu/libc.so.6+0x4b44b. This vulnerability can lead to a Denial of Service (DoS)...
Design/Logic Flaw
Jsish v3.5.0 was discovered to contain a SEGV vulnerability via /lib/x86_64-linux-gnu/libc.so.6+0x18e506. This vulnerability can lead to a Denial of Service (DoS)...
CVE-2021-46539
CVE-2021-46539 concerns Cesanta MJS v2.20.0, which is affected by a SEGV vulnerability triggered via /lib/x86_64-linux-gnu/libc.so.6+0x45a1f. The issue can lead to a Denial of Service. The connected sources consistently describe the same vulnerability and impact for Cesanta MJS, without providing...
glibc security, bug fix, and enhancement update
2.28-151.0.1.el8_4 - merge RH patches for ol8-u4 release Review-exception: Patch merge - Provide glibc.pthread.mutex_spin_count tunable for pthread adaptive - spin mutex Orabug: 27982358. Reviewed-by: Qing Zhao - add Ampere emag to tunable cpu list Patrick McGehearty - add optimized memset for emag ...
Linux 3.17 noexec Bypass with Python ctypes and memfd_create Vulnerability
Exploit for linux platform in category local exploits Exploit Title: Linux >= 3.17 noexec bypass with python ctypes and memfd_create Date: 2015.10.14 Exploit Author: soyer Version: linux >= 3.17 Tested on: Ubuntu 15.04 x86_64 usage: $ ls -la execfile -rwxr-xr-x 1 soyer soyer 8600 Oct 14 15:04 execfil...
CVE-2007-3280
The Database Link library dblink in PostgreSQL 8.1 implements functions via CREATE statements that map to arbitrary libraries based on the C programming language, which allows remote authenticated superusers to map and execute a function from any library, as demonstrated by using the system...