Astra Linux – Vulnerability in libxmp

Libxmp through version 4.6.2 has a stack-based buffer overflow in the depackpha function in the loaders/prowizard/pha.c file, due to a malformed Pha format tracker module in a .mod file...

PT-2026-44093

When processing a request with a URL path starting with /status or /sysinfo, WOSHttpStatusModule.dll is to be loaded to handle such URL patterns. The WOSBin LoadHttpModule function in the dll would be called to set up a "module" object for that module. However, WOSHttpStatusModule.dll is not...

UBUNTU-CVE-2026-31669

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix slab-use-after-free in inetlookupestablished The ehash table lookups are lockless and rely on SLABTYPESAFEBYRCU to guarantee socket memory stability during RCU read-side critical sections. Both tcpprot and tcpv6prot ha...

CVE-2024-44598

FNT Command 13.4.0 is vulnerable to Code Execution via the C Base Module...

EUVD-2022-50140

Malicious code in bioql PyPI...

libtpms: Libtpms Out-of-Bounds Read Vulnerability

A flaw was found in libtpms. A heap buffer overflow can occur in the tpmsparsepssh function when parsing a malformed Public Signature Key Exchange PSK structure. A local attacker can trigger this overflow by providing a crafted PSK structure to the library. This can lead to a denial of service or...

OESA-2023-1299 libtpms security update

A library providing TPM functionality for VMs. Targeted for integration into Qemu. Security Fixes: An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfull...

AlmaLinux 8 : virt:rhel and virt-devel:rhel (ALSA-2023:2757)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:2757 advisory. ntfs-3g: heap-based buffer overflow in ntfsck CVE-2021-46790 QEMU: VNC: integer underflow in vncclientcuttextext leads to CPU exhaustion CVE-2022-3165...

tpm2: TCG TPM2.0 implementations vulnerable to memory corruption

An out-of-bound read vulnerability was found in the TPM 2.0's Module Library, which allows the reading of 2-byte data after the end of the TPM command. This flaw allows an attacker to leak confidential data stored within the libtpms context...

tpm2: TCG TPM2.0 implementations vulnerable to memory corruption

An out-of-bound read vulnerability was found in the TPM 2.0's Module Library, which allows the reading of 2-byte data after the end of the TPM command. This flaw allows an attacker to leak confidential data stored within the libtpms context...

tpm: TCG TPM2.0 implementations vulnerable to memory corruption

An out-of-bounds write vulnerability was found in the TPM 2.0's Module Library, which allows the writing of 2-byte data after the end of the TPM command. This flaw may lead to a denial of service or arbitrary code execution within the libtpms scope...

tpm2: TCG TPM2.0 implementations vulnerable to memory corruption

An out-of-bound read vulnerability was found in the TPM 2.0's Module Library, which allows the reading of 2-byte data after the end of the TPM command. This flaw allows an attacker to leak confidential data stored within the libtpms context...

The vulnerability of the LinkDialog plugin in the module library facilitates the development of JavaScript- or AJAX-based applications and Dojo Toolkit-powered websites. This vulnerability allows attackers to compromise data integrity.

The vulnerability of the LinkDialog plugin from the module library, which facilitates the development of JavaScript- or AJAX-based applications and Dojo Toolkit websites, is related to the lack of protective measures for website structures. Exploiting this vulnerability could allow an attacker to...

KLA48553 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, obtain sensitive information, spoof user interface, cause denial of service, bypass security restrictions. Below is a complete list of...

KB5023706: Windows 11 version 22H2 Security Update (March 2023)

The remote Windows host is missing security update 5023706. It is, therefore, affected by multiple vulnerabilities - An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. An...

SUSE CVE-2023-1017

An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can lead to denial of service crashing the TPM chip/process ...

SUSE CVE-2023-1018

An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can read or access sensitive data stored in the TPM...

CVE-2023-1017

An out-of-bounds write vulnerability was found in the TPM 2.0's Module Library, which allows the writing of 2-byte data after the end of the TPM command. This flaw may lead to a denial of service or arbitrary code execution within the libtpms scope...

CVE-2023-1018

An out-of-bound read vulnerability was found in the TPM 2.0's Module Library, which allows the reading of 2-byte data after the end of the TPM command. This flaw allows an attacker to leak confidential data stored within the libtpms context...

DEBIAN-CVE-2023-1017

An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can lead to denial of service crashing the TPM chip/process ...