64 matches found
PT-2024-32335 · Mattermost +1 · Mattermost +1
Name of the Vulnerable Software and Affected Versions: Mattermost versions 9.11.x through 9.11.0 Mattermost versions 9.5.x through 9.5.8 Description: The issue arises from the failure to validate that the message of a permalink post is a string, allowing an attacker to send a non-string value as...
kernel: mm/page_owner: use strscpy() instead of strlcpy()
In the Linux kernel, the following vulnerability has been resolved: mm/pageowner: use strscpy instead of strlcpy current-comm is not a string no guarantee for a zero byte in it. strlcpys1, s2, l is calling strlens2, potentially causing out-of-bound access, as reported by syzbot: detected buffer...
Denial Of Service (DoS)
fast-string-search is vulnerable to denial of service. The vulnerability exists due to incorrect computations for non-string inputs which allows an attacker to gain read access from non-permitted locations and cause an application crash...
Malicious code in non-string-num (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4c430d1d68111014594a9adefc76a74cc7f5cb9052db663c69fd1df535d8bd61 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
GHSA-4263-Q746-94MW Uncontrolled Resource Consumption in fast-string-search
All versions of package fast-string-search are vulnerable to Denial of Service DoS when computations are incorrect for non-string inputs. One can cause the V8 to attempt reading from non-permitted locations and cause a segmentation fault due to the violation...
CVE-2022-22138
All versions of package fast-string-search are vulnerable to Denial of Service DoS when computations are incorrect for non-string inputs. One can cause the V8 to attempt reading from non-permitted locations and cause a segmentation fault due to the violation...
CVE-2022-25872
All versions of package fast-string-search are vulnerable to Out-of-bounds Read due to incorrect memory freeing and length calculation for any non-string input as the source. This allows the attacker to read previously allocated memory...
Out-of-bounds
All versions of package fast-string-search are vulnerable to Out-of-bounds Read due to incorrect memory freeing and length calculation for any non-string input as the source. This allows the attacker to read previously allocated memory...
Design/Logic Flaw
All versions of package fast-string-search are vulnerable to Denial of Service DoS when computations are incorrect for non-string inputs. One can cause the V8 to attempt reading from non-permitted locations and cause a segmentation fault due to the violation...
CVE-2022-25872 Out-of-bounds Read
All versions of package fast-string-search are vulnerable to Out-of-bounds Read due to incorrect memory freeing and length calculation for any non-string input as the source. This allows the attacker to read previously allocated memory...
CVE-2022-22138 Denial of Service (DoS)
All versions of package fast-string-search are vulnerable to Denial of Service DoS when computations are incorrect for non-string inputs. One can cause the V8 to attempt reading from non-permitted locations and cause a segmentation fault due to the violation...
CVE-2022-22138
All versions of package fast-string-search are vulnerable to Denial of Service DoS when computations are incorrect for non-string inputs. One can cause the V8 to attempt reading from non-permitted locations and cause a segmentation fault due to the violation...
CVE-2022-25872
All versions of package fast-string-search are vulnerable to Out-of-bounds Read due to incorrect memory freeing and length calculation for any non-string input as the source. This allows the attacker to read previously allocated memory...
fast-string-search 安全漏洞
fast-string-search is a search function that can search for strings using N-API and boyer-moore-magiclen. fast-string-search suffers from a denial-of-service vulnerability that stems from incorrect computation of non-string input, which can be exploited by an attacker to cause fast-string- search...
fast-string-search 缓冲区错误漏洞
fast-string-search is a module from the individual developer Magic Len Ron Li in China that searches for substrings in a string using N-API and boyer-moore-magiclen. A security vulnerability exists in fast-string-search due to incorrect memory freeing and length calculation of any non-string inpu...
Out-of-bounds Read
Overview fast-string-search is a module that can search substrings in a string by using N-API and boyer-moore-magiclen. Affected versions of this package are vulnerable to Out-of-bounds Read due to incorrect memory freeing and length calculation for any non-string input as the source. This allows...
Denial of Service (DoS)
Overview fast-string-search is a module that can search substrings in a string by using N-API and boyer-moore-magiclen. Affected versions of this package are vulnerable to Denial of Service DoS when computations are incorrect for non-string inputs. One can cause the V8 to attempt reading from...
PYSEC-2021-272
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation for tf.rawops.ExperimentalDatasetToTFRecord and tf.rawops.DatasetToTFRecord can trigger heap buffer overflow and segmentation fault. The implementation assumes that all records in the...
CVE-2021-37650
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation for tf.rawops.ExperimentalDatasetToTFRecord and tf.rawops.DatasetToTFRecord can trigger heap buffer overflow and segmentation fault. The implementation assumes that all records in the...
CVE-2020-29069
getflagiplocaldb in server/mhn/ui/utils.py in Modern Honey Network MHN through 2020-11-23 allows attackers to cause a denial-of-service via an IP address that is absent from a local geolocation database, because the code tries to uppercase a return value even if that value is not a string...