CVE-2023-23557

CVE-2023-23557 affects Facebook Hermes (JavaScript engine used in React Native). The root cause is a type-confusion bug caused by copying object properties prior to commit, enabling an attacker to execute arbitrary code when Hermes runs untrusted JavaScript. The vulnerability is described across ...

jackson-databind: denial of service via a large depth of nested objects

A flaw was found in the Jackson Databind package. This cause of the issue is due to a Java StackOverflow exception and a denial of service via a significant depth of nested objects...

json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)

A flaw was found in the json-smart package. This security flaw occurs when reaching a ‘‘ or ‘‘ character in the JSON input, and the code parses an array or an object, respectively. The 3PP does not have any limit to the nesting of such arrays or objects. Since nested arrays and objects are parsed...

PT-2023-35830 · Assimp · Assimp

Name of the Vulnerable Software and Affected Versions: Assimp affected versions not specified Description: The issue is related to a heap-use-after-free error. Technical details about the crash include the Assimp::FBXExporter::WriteObjects and Assimp::FBXExporter::ExportBinary functions, as well ...

json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)

A flaw was found in the json-smart package. This security flaw occurs when reaching a ‘‘ or ‘‘ character in the JSON input, and the code parses an array or an object, respectively. The 3PP does not have any limit to the nesting of such arrays or objects. Since nested arrays and objects are parsed...

Linux Kernel vmwgfx Driver Race Condition Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handlin...

kernel: mm/slub: actually fix freelist pointer vs redzoning

In the Linux kernel, the following vulnerability has been resolved: mm/slub: actually fix freelist pointer vs redzoning It turns out that SLUB redzoning "slubdebug=Z" checks from s-objectsize rather than from s-inuse which is normally bumped to make room for the freelist pointer, so a cache creat...

PT-2024-11230 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the SLUB redzoning feature in the Linux kernel, which checks for corruption from s-object size instead of s-inuse. This can cause the freelist pointer to be...

GHSA-WHPJ-8F3W-67P5 vm2 Sandbox Escape vulnerability

A sandbox escape vulnerability exists in vm2 for versions up to 3.9.17. It abuses an unexpected creation of a host object based on the specification of Proxy. Impact A threat actor can bypass the sandbox protections to gain remote code execution rights on the host running the sandbox. Patches Thi...

Xpdf 安全漏洞

Glyph & Cog Xpdf is an open source PDF file viewer from Glyph & Cog. A security vulnerability exists in Xpdf 4.04 and earlier versions, which stems from a loop of PDF objects embedded in the file tree that can lead to infinite recursion and a stack overflow...

Missing Authorization

silverstripe/framework is vulnerable to Missing Authorization. The vulnerability exists due to missing authorization checks on the GridFieldPrintButton.php data objects, which allows an attacker to gain sensitive information...

jackson-databind: denial of service via a large depth of nested objects

A flaw was found in the Jackson Databind package. This cause of the issue is due to a Java StackOverflow exception and a denial of service via a significant depth of nested objects...

kernel: drm/i915/ttm: don't leak the ccs state

In the Linux kernel, the following vulnerability has been resolved: drm/i915/ttm: don't leak the ccs state The kernel only manages the ccs state with lmem-only objects, however the kernel should still take care not to leak the CCS state from the previous user. cherry picked from commit...

SAP BusinessObjects Platform 安全漏洞

SAP BusinessObjects Platform is a centralized suite for data reporting, visualization and sharing from SAP, Germany. A security vulnerability exists in SAP BusinessObjects Platform, which can be exploited by remote attackers to submit a special request that can be sniffed to obtain sensitive...

Huawei EulerOS: Security Advisory for python-cryptography (EulerOS-SA-2023-1827)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for python-cryptography (EulerOS-SA-2023-1809)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-28656

NGINX Management Suite may allow an authenticated attacker to gain access to configuration objects outside of their assigned environment. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2023-28656

NGINX Management Suite may allow an authenticated attacker to gain access to configuration objects outside of their assigned environment. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2023-28656 NGINX Management Suite vulnerability

NGINX Management Suite may allow an authenticated attacker to gain access to configuration objects outside of their assigned environment. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)

A flaw was found in the json-smart package. This security flaw occurs when reaching a ‘‘ or ‘‘ character in the JSON input, and the code parses an array or an object, respectively. The 3PP does not have any limit to the nesting of such arrays or objects. Since nested arrays and objects are parsed...