nss: Arbitrary memory write via PKCS 12

The Mozilla Foundation Security Advisory describes this flaw as: An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled...

Important: Red Hat Security Advisory: nss security update

An update for nss is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

nss: Arbitrary memory write via PKCS 12

The Mozilla Foundation Security Advisory describes this flaw as: An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled...

Important: Red Hat Security Advisory: nss security update

An update for nss is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

Important: Red Hat Security Advisory: nss security and bug fix update

An update for nss is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

Important: Red Hat Security Advisory: nss security and bug fix update

An update for nss is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

nss: Arbitrary memory write via PKCS 12

The Mozilla Foundation Security Advisory describes this flaw as: An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled...

Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2023-070)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-070 advisory. 2024-04-10: CVE-2023-0461 was added to this advisory. 2024-02-01: CVE-2024-0562 was added to this advisory. 2024-02-01: CVE-2022-48619 was added to this advisory. 2023-10-10: CVE-2023-3357 was...

Important: Red Hat Security Advisory: nss security update

An update for nss is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

Important: httpd24

Issue Overview: A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool heap memory location beyond the header value sent. This could cause the process to crash. This issue affects Apache HTTP Server 2.4.54 and earlier. CVE-2006-20001 Inconsistent...

RHEL 7 : nss (RHSA-2023:1332)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1332 advisory. Network Security Services NSS is a set of libraries designed to support the cross-platform development of security-enabled client and server...

CBL Mariner 2.0 Security Update: kernel (CVE-2022-1943)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-1943 advisory. - A flaw out of bounds memory write in the Linux kernel UDF file system functionality was found in the way user...

CBL Mariner 2.0 Security Update: kernel (CVE-2022-0500)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-0500 advisory. - A flaw was found in unrestricted eBPF usage by the BPFBTFLOAD, leading to a possible out-of-bounds memory wri...

CVE-2023-0811

Omron CJ1M unit v4.0 and prior has improper access controls on the memory region where the UM password is stored. If an adversary issues a PROGRAM AREA WRITE command to a specific memory region, they could overwrite the password. This may lead to disabling UM protections or setting a non-ASCII...

nss security update

An update is available for nss. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Network Security Services NSS is a set of libraries designed to support the...

Important: Red Hat Security Advisory: nss security update

An update for nss is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

Important: nss security update

Network Security Services NSS is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fixes: nss: Arbitrary memory write via PKCS 12 CVE-2023-0767 For more details about the security issues, including the impact, a CVSS...

Denial Of Service (DoS)

Google Chrome is vulnerable to Denial Of Service DoS. The vulnerability exists due to the integer overflow in Window Manager, which allows an attacker to convince a user to engage in specific UI interactions to perform an out-of-bounds memory write via crafted UI interaction, leading to an...

Security fix for the ALT Linux 10 package thunderbird version 102.8.0-alt1

102.8.0-alt1 built March 10, 2023 Pavel Vasenkov in task 316084 Feb. 28, 2023 Pavel Vasenkov - New version. - Security fixes: + CVE-2023-0616 User Interface lockup with messages combining S/MIME and OpenPGP + CVE-2023-25728 Content security policy leak in violation reports using iframes +...

Wasmtime 缓冲区错误漏洞

Wasmtime, a Bytecode Consortium project, is a standalone wasm-optimized runtime for WebAssembly and WASI only. Wasmtime suffers from a buffer error vulnerability that stems from the code generator's address pattern calculation incorrectly calculating valid addresses, which can be exploited by an...