expat: Integer overflow in storeRawNames()

An integer overflow was found in expat. The issue occurs in storeRawNames by abusing the mbuffer expansion logic to allow allocations very close to INTMAX and out-of-bounds heap writes. This flaw can cause a denial of service or potentially arbitrary code execution...

expat: Integer overflow in storeRawNames()

An integer overflow was found in expat. The issue occurs in storeRawNames by abusing the mbuffer expansion logic to allow allocations very close to INTMAX and out-of-bounds heap writes. This flaw can cause a denial of service or potentially arbitrary code execution...

expat: Integer overflow in storeRawNames()

An integer overflow was found in expat. The issue occurs in storeRawNames by abusing the mbuffer expansion logic to allow allocations very close to INTMAX and out-of-bounds heap writes. This flaw can cause a denial of service or potentially arbitrary code execution...

expat: Integer overflow in storeRawNames()

An integer overflow was found in expat. The issue occurs in storeRawNames by abusing the mbuffer expansion logic to allow allocations very close to INTMAX and out-of-bounds heap writes. This flaw can cause a denial of service or potentially arbitrary code execution...

expat: Integer overflow in storeRawNames()

An integer overflow was found in expat. The issue occurs in storeRawNames by abusing the mbuffer expansion logic to allow allocations very close to INTMAX and out-of-bounds heap writes. This flaw can cause a denial of service or potentially arbitrary code execution...

expat: Integer overflow in storeRawNames()

An integer overflow was found in expat. The issue occurs in storeRawNames by abusing the mbuffer expansion logic to allow allocations very close to INTMAX and out-of-bounds heap writes. This flaw can cause a denial of service or potentially arbitrary code execution...

expat: Integer overflow in storeRawNames()

An integer overflow was found in expat. The issue occurs in storeRawNames by abusing the mbuffer expansion logic to allow allocations very close to INTMAX and out-of-bounds heap writes. This flaw can cause a denial of service or potentially arbitrary code execution...

DEBIAN-CVE-2021-43303

Buffer overflow in PJSUA API when calling pjsuacalldump. An attacker-controlled 'buffer' argument may cause a buffer overflow, since supplying an output buffer smaller than 128 characters may overflow the output buffer, regardless of the 'maxlen' argument supplied...

ALPINE-CVE-2021-43303

Buffer overflow in PJSUA API when calling pjsuacalldump. An attacker-controlled 'buffer' argument may cause a buffer overflow, since supplying an output buffer smaller than 128 characters may overflow the output buffer, regardless of the 'maxlen' argument supplied...

PT-2022-7627 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the ASoC component in the Linux kernel, specifically with the function snd soc put volsw. The problem arises because the limits of the control can be signed...

CVE-2021-30324

Possible out of bound write due to lack of boundary check for the maximum size of buffer when sending a DCI packet to remote process in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables,...

SMBSR - Lookup For Interesting Stuff In SMB Shares

Well, SMBSR is a python script which given a CIDR/IP/IPfile/HOSTNAMEs enumerates all the SMB services listening 445 among the targets and tries to authenticate against them; if the authentication succeed then all the folders and subfolders are visited recursively in order to find secrets in files...

golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header

A vulnerability was detected in net/http of the Go standard library when parsing very large HTTP header values, causing a crash and subsequent denial of service. This vulnerability affects both clients and servers written in Go, however, servers are only vulnerable if the value of MaxHeaderBytes...

DEBIAN-CVE-2022-21708

graphql-go is a GraphQL server with a focus on ease of use. In versions prior to 1.3.0 there exists a DoS vulnerability that is possible due to a bug in the library that would allow an attacker with specifically designed queries to cause stack overflow panics. Any user with access to the GraphQL...

Trend Micro Maximum Security Link Following Denial-of-Service Vulnerability

This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Trend Micro Maximum Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exis...

Krisp: [api.krisp.ai] Race condition on /v2/seats endpoint allows bypassing the original seat limit

Security researcher has found a race condition on one of our endpoints which was effectively bypassing maximum seats limit, We would like to thank @alp for reporting it responsibly to our bug bounty program ! I found a race condition issue at the /v2/seats endpoint. It allowed bypassing maximum...

openssl: integer overflow in CipherUpdate

Calls to EVPCipherUpdate, EVPEncryptUpdate and EVPDecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissible length for an integer on the platform. In such cases the return value from the function call will be 1 indicating succes...

EulerOS Virtualization 2.9.1 : libX11 (EulerOS-SA-2021-2744)

According to the versions of the libX11 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - LookupCol.c in X.Org X through X11R7.7 and libX11 before 1.7.1 might allow remote attackers to execute arbitrary code. The libX11...

GSD-2021-1002121 usbnet: sanity check for maxpacket

usbnet: sanity check for maxpacket This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.14.16 by commit 7e8b6a4f18edee070213cb6a77118e8a412253c5...

GSD-2021-1001963 usbnet: sanity check for maxpacket

usbnet: sanity check for maxpacket This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.254 by commit 74b3b27cf9fecce00cd8918b7882fd81191d0aa4...