49 matches found
CVE-2026-5466
CVE-2026-5466 affects wolfSSL’s ECCSI verifier wc_VerifyEccsiHash, which decodes r and s without validating they lie in [1, q-1]. This could allow forging a signature to verify against any message for any identity using publicly-known constants. Connected docs confirm the root cause: missing sani...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the nfsd4decodecompound function that does not perform range checking, which could lead to out-of-bounds rea...
EUVD-2023-25018
Malicious code in bioql PyPI...
EUVD-2023-37060
Malicious code in bioql PyPI...
kernel security update
3.10.0-1160.119.1.0.9.el7.OL7 - netfilter: ipset: add missing range check in bitmapipuadt Jeongjun Park CVE-2024-53141 Orabug: 37964173 - Update OL SB certificates - Add new Oracle Linux Driver Signing key 1 certificate Orabug: 37985797...
CVE-2023-20850
In imgsyscmdq, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07340381...
CVE-2023-20843
In imgsyscmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340119; Issue ID: ALPS07340119...
CVE-2023-20841
In imgsys, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326441...
CVE-2023-20840
In imgsys, there is a possible out of bounds read and write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326430; Issue ID: ALPS07326430...
CVE-2023-20848
In imgsyscmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07340433...
CVE-2023-32839
In dpe, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07262576; Issue ID: ALPS07262576...
kernel: netfilter: ipset: add missing range check in bitmap_ip_uadt
In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: add missing range check in bitmapipuadt When tbIPSETATTRIPTO is not present but tbIPSETATTRCIDR exists, the values of ip and ipto are slightly swapped. Therefore, the range check for ip should be done later, but...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
OpenJDK: array out-of-bounds access due to missing range check in C1 compiler (8314468)
Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or...
OpenJDK: array out-of-bounds access due to missing range check in C1 compiler (8314468)
Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or...
OpenJDK: array out-of-bounds access due to missing range check in C1 compiler (8314468)
Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or...
OpenJDK: array out-of-bounds access due to missing range check in C1 compiler (8314468)
Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or...
OpenJDK: array out-of-bounds access due to missing range check in C1 compiler (8314468)
Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or...
OpenJDK: array out-of-bounds access due to missing range check in C1 compiler (8314468)
Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or...
OpenJDK: array out-of-bounds access due to missing range check in C1 compiler (8314468)
Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or...