Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not properly handling null elements at the end of an array, resulting in an out-of-bounds read...

CVE-2021-30141

Module/Settings/UserExport.php in Friendica through 2021.01 allows settings/userexport to be used by anonymous users, as demonstrated by an attempted access to an array offset on a value of type null, and excessive memory consumption. NOTE: the vendor states "the feature still requires a valid...

PT-2021-18628 · Friendica · Friendica

Name of the Vulnerable Software and Affected Versions: Friendica versions through 2021.01 Description: The issue allows the settings/userexport feature to be accessed by anonymous users, potentially leading to excessive memory consumption and attempted access to an array offset on a value of type...

JDK: Out-of-bounds access in the String.getBytes method

In Eclipse OpenJ9 prior to 0.15, the String.getBytesint, int, byte, int method does not verify that the provided byte array is non-null nor that the provided index is in bounds when compiled by the JIT. This allows arbitrary writes to any 32-bit address or beyond the end of a byte array within Ja...

JDK: Out-of-bounds access in the String.getBytes method

In Eclipse OpenJ9 prior to 0.15, the String.getBytesint, int, byte, int method does not verify that the provided byte array is non-null nor that the provided index is in bounds when compiled by the JIT. This allows arbitrary writes to any 32-bit address or beyond the end of a byte array within Ja...

CVE-2017-14505

DrawGetStrokeDashArray in wand/drawing-wand.c in ImageMagick 7.0.7-1 mishandles certain NULL arrays, which allows attackers to perform Denial of Service NULL pointer dereference and application crash in AcquireQuantumMemory within MagickCore/memory.c by providing a crafted Image File as input...