184 matches found
CVE-2023-45662 Multi-byte read heap buffer overflow in stbi__vertical_flip in stb_image
stbimage is a single file MIT licensed library for processing images. When stbisetflipverticallyonload is set to TRUE and reqcomp is set to a number that doesn’t match the real number of components per pixel, the library attempts to flip the image vertically. A crafted image file can trigger memc...
CVE-2023-45662 Multi-byte read heap buffer overflow in stbi__vertical_flip in stb_image
stbimage is a single file MIT licensed library for processing images. When stbisetflipverticallyonload is set to TRUE and reqcomp is set to a number that doesn’t match the real number of components per pixel, the library attempts to flip the image vertically. A crafted image file can trigger memc...
CVE-2023-45662
stbimage is a single file MIT licensed library for processing images. When stbisetflipverticallyonload is set to TRUE and reqcomp is set to a number that doesn’t match the real number of components per pixel, the library attempts to flip the image vertically. A crafted image file can trigger memc...
CVE-2023-45661
stbimage is a single file MIT licensed library for processing images. A crafted image file may trigger out of bounds memcpy read in stbigifloadnext. This happens because twoback points to a memory address lower than the start of the buffer out. This issue may be used to leak internal memory...
CVE-2023-45661
stbimage is a single file MIT licensed library for processing images. A crafted image file may trigger out of bounds memcpy read in stbigifloadnext. This happens because twoback points to a memory address lower than the start of the buffer out. This issue may be used to leak internal memory...
CVE-2023-45661 Wild address read in stbi__gif_load_next in stb_image
stbimage is a single file MIT licensed library for processing images. A crafted image file may trigger out of bounds memcpy read in stbigifloadnext. This happens because twoback points to a memory address lower than the start of the buffer out. This issue may be used to leak internal memory...
GitLab 13.12 < 16.2.8 / 16.3.0 < 16.3.5 / 16.4.0 < 16.4.1 (CVE-2023-5106)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in Ultimate-licensed GitLab EE affecting all versions starting 13.12 prior to 16.2.8, 16.3.0 prior to 16.3.5, and 16.4.0 prior to 16.4.1 that could allow an attacker to...
CVE-2023-5106 Incorrect Authorization in GitLab
An issue has been discovered in Ultimate-licensed GitLab EE affecting all versions starting 13.12 prior to 16.2.8, 16.3.0 prior to 16.3.5, and 16.4.0 prior to 16.4.1 that could allow an attacker to impersonate users in CI pipelines through direct transfer group imports...
CVE-2023-5106 Incorrect Authorization in GitLab
An issue has been discovered in Ultimate-licensed GitLab EE affecting all versions starting 13.12 prior to 16.2.8, 16.3.0 prior to 16.3.5, and 16.4.0 prior to 16.4.1 that could allow an attacker to impersonate users in CI pipelines through direct transfer group imports...
CVE-2023-5106
Removed by vendor...
How to find bandwidth consumed by a Virtual Server on Netscaler.
This article describe how tofind which Virtual Server consumes the highest bandwidth when the licensed throughput limit is reached...
CVE-2023-4002
An issue has been discovered in GitLab EE affecting all versions starting from 14.1 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. It was possible for EE-licensed users to link any security policy project by its ID to projects or group...
CVE-2023-1091
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Alpata Licensed Warehousing Automation System allows Command Line Execution through SQL Injection. This issue affects Licensed Warehousing Automation System: through 2023.1.01...
CVE-2023-1091
The CVE-2023-1091 entry describes an SQL Injection vulnerability in Alpata Licensed Warehousing Automation System (through version 2023.1.01). The issue arises from improper neutralization of input in SQL commands, enabling possible Command Line Execution. Affected component is the warehouse auto...
CVE-2023-1091 SQL Injection found in ALPATA's Licensed Warehousing Automation System
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Alpata Licensed Warehousing Automation System allows Command Line Execution through SQL Injection. This issue affects Licensed Warehousing Automation System: through 2023.1.01...
CVE-2023-1091 SQL Injection found in ALPATA's Licensed Warehousing Automation System
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Alpata Licensed Warehousing Automation System allows Command Line Execution through SQL Injection. This issue affects Licensed Warehousing Automation System: through 2023.1.01...
[SECURITY] Fedora 37 Update: ntfs-3g-2022.10.3-1.fc37
NTFS-3G is a stable, open source, GPL licensed, POSIX, read/write NTFS driver for Linux and many other operating systems. It provides safe handling of the Windows XP, Windows Server 2003, Windows 2000, Windows Vista, Windows Server 2008 and Windows 7 NTFS file systems. NTFS-3G can create, remove,...
CVE-2022-44754
HCL Domino is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted Lotus Ami Pro file. This is different from the vulnerability described i...
CVE-2022-44754
HCL Domino is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted Lotus Ami Pro file. This is different from the vulnerability described i...
CVE-2022-44753
HCL Notes is susceptible to a stack based buffer overflow vulnerability in wp6sr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted WordPerfect file. This vulnerability applies to software previously...