50 matches found
SUSE-SU-2025:03024-1 Security update for tomcat
This update for tomcat fixes the following issues: Updated to 9.0.108: - CVE-2025-52520: Fixed integer overflow can lead to DoS for some unlikely configurations of multipart upload bsc1246388 - CVE-2025-53506: Fixed uncontrolled resource HTTP/2 client consumption vulnerability bsc1246318 -...
SUSE SLES15 / openSUSE 15 Security Update : tomcat11 (SUSE-SU-2025:02979-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02979-1 advisory. Updated to Tomcat 11.0.9 - CVE-2025-52520: Fixed integer overflow can lead to DoS for some unlikely configurations o...
Linux Distros Unpatched Vulnerability : CVE-2024-8176
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML documen...
CVE-2024-35419
wac commit 385e1 was discovered to contain a heap overflow via the loadmodule function at /wac-asan/wa.c. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted wasm file...
CVE-2019-11931
A stack-based buffer overflow could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user. The issue was present in parsing the elementary stream metadata of an MP4 file and could result in a DoS or RCE. This affects Android versions prior to 2.19.274, iOS versions...
CVE-2024-36613
FFmpeg n6.1.1 has a vulnerability in the DXA demuxer of the libavformat library allowing for an integer overflow, potentially resulting in a denial-of-service DoS condition or other undefined behavior...
CVE-2024-33781
MP-SPDZ v0.3.8 was discovered to contain a stack overflow via the function octetStream::getbytes in /Tools/octetStream.cpp. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted message...
CVE-2024-33782
CVE-2024-33782 affects MP-SPDZ v0.3.8. The vulnerability is a stack overflow in OTExtensionWithMatrix::extend (location: /OT/OTExtensionWithMatrix.cpp) that can cause a Denial of Service via a crafted message. Public sources in the connected data confirm the vulnerable component and impact. There...
CVE-2023-31557
xpdf pdfimages v4.04 was discovered to contain a stack overflow in the component Catalog::readEmbeddedFileTreeObject. This vulnerability allows attackers to cause a Denial of Service DoS...
CVE-2023-22915
A buffer overflow vulnerability in the “fbwififorward.cgi” CGI program of Zyxel USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50W firmware versions 4.30 through 5.35, USG20W-VPN firmware versions 4.30 through 5.35, and VPN series firmware versions 4.30 through 5.35, which could...
CVE-2023-24180
Libelfin v0.3 was discovered to contain an integer overflow in the load function at elf/mmaploader.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted elf file...
CVE-2023-24180
Libelfin v0.3 was discovered to contain an integer overflow in the load function at elf/mmaploader.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted elf file...
AZL-35289 CVE-2022-38725 affecting package syslog-ng for versions less than 4.3.1-2
An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service via crafted syslog input that is mishandled by the tcp or network function. syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0 are also affected...
CVE-2022-43237
Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vulnerability via void putepelhvfallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted video file...
CVE-2022-43236
Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vulnerability via putqpelfallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted video file...
Heap overflow
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via ffhevcputhevcqpelh2v1sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted video file...
CVE-2022-43252
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via putepel16fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted video file...
CVE-2022-43253
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via putunweightedpred16fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted video file...
CVE-2022-34612
Rizin v0.4.0 and below was discovered to contain an integer overflow via the function getlongobject. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted binary...
CVE-2021-41396
Removed by vendor...