Lucene search
+L

184 matches found

Cvelist
Cvelist
added 2023/10/20 11:26 p.m.26 views

CVE-2023-45662 Multi-byte read heap buffer overflow in stbi__vertical_flip in stb_image

stbimage is a single file MIT licensed library for processing images. When stbisetflipverticallyonload is set to TRUE and reqcomp is set to a number that doesn’t match the real number of components per pixel, the library attempts to flip the image vertically. A crafted image file can trigger memc...

6.5CVSS8.9AI score0.00691EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2023/10/20 11:26 p.m.20 views

CVE-2023-45662 Multi-byte read heap buffer overflow in stbi__vertical_flip in stb_image

stbimage is a single file MIT licensed library for processing images. When stbisetflipverticallyonload is set to TRUE and reqcomp is set to a number that doesn’t match the real number of components per pixel, the library attempts to flip the image vertically. A crafted image file can trigger memc...

6.5CVSS7.7AI score0.00691EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2023/10/20 11:26 p.m.24 views

CVE-2023-45662

stbimage is a single file MIT licensed library for processing images. When stbisetflipverticallyonload is set to TRUE and reqcomp is set to a number that doesn’t match the real number of components per pixel, the library attempts to flip the image vertically. A crafted image file can trigger memc...

8.1CVSS7.1AI score0.00691EPSS
Exploits0
Debian CVE
Debian CVE
added 2023/10/20 11:26 p.m.54 views

CVE-2023-45661

stbimage is a single file MIT licensed library for processing images. A crafted image file may trigger out of bounds memcpy read in stbigifloadnext. This happens because twoback points to a memory address lower than the start of the buffer out. This issue may be used to leak internal memory...

7.1CVSS6.8AI score0.00574EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2023/10/20 11:26 p.m.20 views

CVE-2023-45661

stbimage is a single file MIT licensed library for processing images. A crafted image file may trigger out of bounds memcpy read in stbigifloadnext. This happens because twoback points to a memory address lower than the start of the buffer out. This issue may be used to leak internal memory...

7.1CVSS7.9AI score0.00574EPSS
Exploits0
OSV
OSV
added 2023/10/20 11:26 p.m.6 views

CVE-2023-45661 Wild address read in stbi__gif_load_next in stb_image

stbimage is a single file MIT licensed library for processing images. A crafted image file may trigger out of bounds memcpy read in stbigifloadnext. This happens because twoback points to a memory address lower than the start of the buffer out. This issue may be used to leak internal memory...

6.5CVSS6.6AI score0.00574EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2023/10/03 12:0 a.m.27 views

GitLab 13.12 < 16.2.8 / 16.3.0 < 16.3.5 / 16.4.0 < 16.4.1 (CVE-2023-5106)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in Ultimate-licensed GitLab EE affecting all versions starting 13.12 prior to 16.2.8, 16.3.0 prior to 16.3.5, and 16.4.0 prior to 16.4.1 that could allow an attacker to...

8.2CVSS7.2AI score0.00526EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/10/02 11:49 a.m.15 views

CVE-2023-5106 Incorrect Authorization in GitLab

An issue has been discovered in Ultimate-licensed GitLab EE affecting all versions starting 13.12 prior to 16.2.8, 16.3.0 prior to 16.3.5, and 16.4.0 prior to 16.4.1 that could allow an attacker to impersonate users in CI pipelines through direct transfer group imports...

8.2CVSS7.6AI score0.00526EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/10/02 11:49 a.m.34 views

CVE-2023-5106 Incorrect Authorization in GitLab

An issue has been discovered in Ultimate-licensed GitLab EE affecting all versions starting 13.12 prior to 16.2.8, 16.3.0 prior to 16.3.5, and 16.4.0 prior to 16.4.1 that could allow an attacker to impersonate users in CI pipelines through direct transfer group imports...

8.2CVSS8.2AI score0.00526EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2023/10/02 11:49 a.m.55 views

CVE-2023-5106

Removed by vendor...

8.2CVSS7.1AI score0.00526EPSS
Exploits0
Citrix
Citrix
added 2023/08/22 12:0 a.m.6 views

How to find bandwidth consumed by a Virtual Server on Netscaler.

This article describe how tofind which Virtual Server consumes the highest bandwidth when the licensed throughput limit is reached...

7.1AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2023/08/04 1:15 a.m.5 views

CVE-2023-4002

An issue has been discovered in GitLab EE affecting all versions starting from 14.1 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. It was possible for EE-licensed users to link any security policy project by its ID to projects or group...

6.5CVSS6.5AI score0.00488EPSS
Exploits2References2Affected Software1
NVD
NVD
added 2023/03/10 8:15 a.m.14 views

CVE-2023-1091

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Alpata Licensed Warehousing Automation System allows Command Line Execution through SQL Injection. This issue affects Licensed Warehousing Automation System: through 2023.1.01...

9.8CVSS9.9AI score0.00706EPSS
Exploits0References2
CVE
CVE
added 2023/03/10 7:2 a.m.53 views

CVE-2023-1091

The CVE-2023-1091 entry describes an SQL Injection vulnerability in Alpata Licensed Warehousing Automation System (through version 2023.1.01). The issue arises from improper neutralization of input in SQL commands, enabling possible Command Line Execution. Affected component is the warehouse auto...

9.8CVSS7.4AI score0.00706EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/03/10 7:2 a.m.21 views

CVE-2023-1091 SQL Injection found in ALPATA's Licensed Warehousing Automation System

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Alpata Licensed Warehousing Automation System allows Command Line Execution through SQL Injection. This issue affects Licensed Warehousing Automation System: through 2023.1.01...

9.8CVSS10AI score0.00706EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/03/10 7:2 a.m.12 views

CVE-2023-1091 SQL Injection found in ALPATA's Licensed Warehousing Automation System

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Alpata Licensed Warehousing Automation System allows Command Line Execution through SQL Injection. This issue affects Licensed Warehousing Automation System: through 2023.1.01...

9.8CVSS7.4AI score0.00706EPSS
Exploits0References2
Fedora
Fedora
added 2022/12/23 1:20 a.m.41 views

[SECURITY] Fedora 37 Update: ntfs-3g-2022.10.3-1.fc37

NTFS-3G is a stable, open source, GPL licensed, POSIX, read/write NTFS driver for Linux and many other operating systems. It provides safe handling of the Windows XP, Windows Server 2003, Windows 2000, Windows Vista, Windows Server 2008 and Windows 7 NTFS file systems. NTFS-3G can create, remove,...

7.8CVSS1.4AI score0.00347EPSS
Exploits0
NVD
NVD
added 2022/12/19 11:15 a.m.27 views

CVE-2022-44754

HCL Domino is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted Lotus Ami Pro file. This is different from the vulnerability described i...

9.8CVSS0.00646EPSS
Exploits0References1
OSV
OSV
added 2022/12/19 11:15 a.m.5 views

CVE-2022-44754

HCL Domino is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted Lotus Ami Pro file. This is different from the vulnerability described i...

7.8CVSS6.3AI score0.00646EPSS
Exploits0References1
OSV
OSV
added 2022/12/19 11:15 a.m.4 views

CVE-2022-44753

HCL Notes is susceptible to a stack based buffer overflow vulnerability in wp6sr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted WordPerfect file. This vulnerability applies to software previously...

7.8CVSS6.3AI score0.00646EPSS
Exploits0References1
Rows per page
Query Builder