124 matches found
CVE-2024-26795 riscv: Sparse-Memory/vmemmap out-of-bounds fix
In the Linux kernel, the following vulnerability has been resolved: riscv: Sparse-Memory/vmemmap out-of-bounds fix Offset vmemmap so that the first page of vmemmap will be mapped to the first page of physical memory in order to ensure that vmemmap’s bounds will be respected during...
The vulnerability of the professional video editing software Adobe Premiere Pro lies in the overflow of buffers in dynamic memory, allowing attackers to execute arbitrary code.
The vulnerability of the professional video editing software Adobe Premiere Pro lies in the recording of data beyond the buffer limits in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code within the context of the current user...
Undertow Uncontrolled Resource Consumption Vulnerability
A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a malicious user opens and closes a connection with the HTTP port of the server and then closes the connection immediately, the server will end with both memory and...
CVE-2023-52427
In OpenDDS through 3.27, there is a segmentation fault for a DataWriter with a large value of resourcelimits.maxsamples. NOTE: the vendor's position is that the product is not designed to handle a maxsamples value that is too large for the amount of memory on the system...
Important: Red Hat Security Advisory: OpenShift Virtualization 4.14.1 security and bug fix update
Red Hat OpenShift Virtualization release 4.14.1 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which...
CVE-2023-41042
Discourse is an open-source discussion platform. Prior to version 3.1.1 of the stable branch and version 3.2.0.beta1 of the beta and tests-passed branches, importing a remote theme loads their assets into memory without enforcing limits for file size or number of files. The issue is patched in...
AZL-26028 CVE-2023-24536 affecting package msft-golang for versions less than 1.20.7-1
Multipart form parsing can consume large amounts of CPU and memory when processing form inputs containing very large numbers of parts. This stems from several causes: 1. mime/multipart.Reader.ReadForm limits the total memory a parsed multipart form can consume. ReadForm can undercount the amount ...
CVE-2023-24536 Excessive resource consumption in net/http, net/textproto and mime/multipart
Multipart form parsing can consume large amounts of CPU and memory when processing form inputs containing very large numbers of parts. This stems from several causes: 1. mime/multipart.Reader.ReadForm limits the total memory a parsed multipart form can consume. ReadForm can undercount the amount ...
SUSE CVE-2020-28493
This affects the package jinja2 from 0.0.0 and before 2.11.3. The ReDoS vulnerability is mainly due to the punctuationre regex operator and its use of multiple wildcards. The last wildcard is the most exploitable as it searches for trailing punctuation. This issue can be mitigated by Markdown to...
Vim text editor’s build_stl_str_hl() function vulnerability, allowing an attacker to execute arbitrary code
The vulnerability of the buildstlstrhl function in the Vim text editor is related to the execution of an operation beyond the buffer’s memory limits. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
CVE-2022-24375
The package node-opcua before 2.74.0 are vulnerable to Denial of Service DoS when bypassing the limitations for excessive memory consumption by sending multiple CloseSession requests with the deleteSubscription parameter equal to False...
node-opcua 资源管理错误漏洞
node-opcua is a French Sterfive SAS open source implementation of an OPC UA stack written entirely in Typescript for NodeJS. A resource management error vulnerability exists in versions of node-opcua prior to 2.74.0. An attacker can exploit this vulnerability to bypass excessive memory consumptio...
FreeOpcUa 安全漏洞
FreeOpcUa is an open source C++ OPC-UA server and client library. A security vulnerability exists in FreeOpcUa, which is susceptible to a denial of service DoS attack when sending multiple CloseSession requests with the DeleteSubscription parameter equal to False to bypass excessive memory...
PT-2022-16588 · Freeopcua · Freeopcua
Name of the Vulnerable Software and Affected Versions: freeopcua/freeopcua versions all Description: The issue allows for Denial of Service DoS by bypassing limitations for excessive memory consumption. This is achieved by sending multiple CloseSession requests with the deleteSubscription paramet...
PYSEC-2022-43180
It is possible for a Reader to consume memory beyond the allowed constraints and thus lead to out of memory on the system. This issue affects Rust applications using Apache Avro Rust SDK prior to 0.14.0 previously known as avro-rs. Users should update to apache-avro version 0.14.0 which addresses...
Rust-WebSocket memory allocation based on untrusted length
Impact Untrusted websocket connections can cause an out-of-memory OOM process abort in a client or a server. The root cause of the issue is during dataframe parsing. Affected versions would allocate a buffer based on the declared dataframe size, which may come from an untrusted source. When...
USN-5546-1 openjdk-8, openjdk-lts, openjdk-17, openjdk-18 vulnerabilities
Neil Madden discovered that OpenJDK did not properly verify ECDSA signatures. A remote attacker could possibly use this issue to insert, edit or obtain sensitive information. This issue only affected OpenJDK 17 and OpenJDK 18. CVE-2022-21449 It was discovered that OpenJDK incorrectly limited memo...
Unbounded memory allocation based on untrusted length
Impact Untrusted websocket connections can cause an out-of-memory OOM process abort in a client or a server. The root cause of the issue is during dataframe parsing. Affected versions would allocate a buffer based on the declared dataframe size, which may come from an untrusted source. When...
SUSE-SU-2021:3977-1 Security update for xen
This update for xen fixes the following issues: - CVE-2021-28701: Fixed race condition in XENMAPSPACEgranttable handling XSA-384 bsc1189632. - CVE-2021-28702: Fixed PCI devices with RMRRs not deassigned correctly XSA-386 bsc1191363. - CVE-2021-28704, CVE-2021-28707, CVE-2021-28708: Fixed PoD...
python-jinja2: ReDoS vulnerability in the urlize filter
A flaw was found in python-jinja2. The ReDOS vulnerability of the regex is mainly due to the sub-pattern a-zA-Z0-9.-+.a-zA-Z0-9.-+. This issue can be mitigated by Markdown to format user content instead of the urlize filter, or by implementing request timeouts and limiting process memory...