799 matches found
GPAC resource management error vulnerability
GPAC is an open source multimedia framework from GPAC Open Source. A resource management error vulnerability exists in GPAC version 2.3-DEV-revrelease, which stems from memory being reused after it is released...
SUSE-SU-2024:3962-1 Security update for apache2
This update for apache2 fixes the following issues: - CVE-2023-45802: HTTP/2 stream memory not reclaimed right away on RST (bsc#1216423)...
PT-2024-21937 · Wasm3 · Wasm3
Name of the Vulnerable Software and Affected Versions: wasm3 version 139076a Description: The issue is a Use-After-Free in the ForEachModule function. This indicates a memory-related problem where memory is accessed after it has been freed, potentially leading to unexpected behavior or crashes. N...
UBUNTU-CVE-2024-10525
In Eclipse Mosquitto, from version 1.3.2 through 2.0.18, if a malicious broker sends a crafted SUBACK packet with no reason codes, a client using libmosquitto may make an out-of-bounds memory access when acting in its on_subscribe callback. This affects the mosquitto_sub and mosquitto_rr clients...
Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2024-2772)
The remote host is missing an update for the Huawei EulerOS...
EulerOS Virtualization 2.12.0 : libtiff (EulerOS-SA-2024-2772)
According to the versions of the libtiff package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: A flaw was found in the libtiff library. An out-of-memory issue in the TIFFReadEncodedStrip function can be triggered when processi...
EulerOS Virtualization 2.12.1 : libtiff (EulerOS-SA-2024-2754)
According to the versions of the libtiff package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: A flaw was found in the libtiff library. An out-of-memory issue in the TIFFReadEncodedStrip function can be triggered when processi...
Substance 3D Stager vulnerability: a buffer overflow in dynamic (heap) memory allows an attacker to execute arbitrary code.
The vulnerability in the Substance 3D Stager software is a buffer overflow in dynamic (heap) memory. Exploiting this vulnerability allows an attacker to execute arbitrary code in the context of the current user, using a specially crafted file...
OSV-2024-1205 Memcpy-param-overlap in repeat
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=372515088 Crash type: Memcpy-param-overlap Crash state: repeat repeat pere...
Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2024-2509)
The remote host is missing an update for the Huawei EulerOS...
PT-2024-6789 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Windows (affected versions not specified). Description: The issue is related to a denial-of-service vulnerability in the Network Address Translation (NAT) technology of Windows operating systems. It is caused by a buffer overflow in memory, which...
PT-2024-6920 · Microsoft · Windows Shell +1
Name of the Vulnerable Software and Affected Versions: Windows Shell (affected versions not specified). Description: The issue is related to a use-after-free memory vulnerability in the Windows Shell. This vulnerability can be exploited by remote attackers to execute arbitrary code on the system,...
PT-2024-8851
Name of the Vulnerable Software and Affected Versions: libjxl, libjxl-devel-0.11.1-1.1, libmozjs-115-0-115.15.0-4.1, libmozjs-128-0-128.5.1-3.1, jpeg-xl (affected versions not specified). Description: A stack buffer overflow exists in the libjxl library's JPEG XL decoder. A specially crafted file can caus...
ROS-20240924-05
The vulnerability in the Firefox ESR and Firefox web browsers and the Thunderbird email client is related to writing beyond the buffer boundaries. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. Vulnerability in Thunderbird email client and Firefox,...
PT-2024-29103 · Apple · Apple Macos
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 14.7; macOS versions prior to 15. Description: The issue was addressed with improved memory handling. Processing a maliciously crafted video file may lead to unexpected app termination. Recommendations: For macOS version...
Use-after-free vulnerability in the FontFace component of the Firefox web browser that allows an attacker to cause a denial of service.
The vulnerability of the FontFace component in the Firefox web browser is related to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to cause a denial of service...
Unspecified vulnerability in Linux kernel (CNVD-2024-39468)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a corrupted physical memory information segment in the s390/boot component. No details of the vulnerability...
Google Chrome security vulnerability
Google Chrome is a web browser from Google, an American company. A memory misreference vulnerability exists in versions of Google Chrome prior to 128.0.6613.138, which stems from a flawed memory-release operation in Autofill. An attacker could exploit this vulnerability to...
USN-6997-1 tiff vulnerability
It was discovered that LibTIFF incorrectly handled memory. An attacker could possibly use this issue to cause the application to crash, resulting in a denial of service...
CVE-2023-7256
In affected libpcap versions during the setup of a remote packet capture the internal function sock_initaddress() calls getaddrinfo() and possibly freeaddrinfo(), but does not clearly indicate to the caller function whether freeaddrinfo() still remains to be called after the function returns. This makes i...