Lucene search
+L

300 matches found

OSV
OSV
added 2023/08/22 7:16 p.m.8 views

CVE-2021-40265

A heap overflow bug exists FreeImage before 1.18.0 via ofLoad function in PluginJPEG.cpp...

8.8CVSS7AI score
Exploits0References1
OSV
OSV
added 2023/08/01 11:35 a.m.1 views

SUSE-SU-2023:3097-1 Security update for pipewire

This update for pipewire fixes the following security issues: - Fixed issue where an app which only has permission to access one stream can also access other streams bsc1213682. Bugfixes: - Fixed division by 0 and other issues with invalid values glfopipewire/pipewire2953 - Fixed an overflow...

7.5AI score
Exploits0References2
OSV
OSV
added 2023/06/22 9:35 p.m.6 views

CLSA-2023-1687469728 Fix CVE(s): CVE-2022-39377, CVE-2023-33204

SECURITY UPDATE: a possible overflow because of an incomplete fix of CVE-2022-39377 - debian/patches/CVE-2023-33204.patch: check an overflow and exit if it be - CVE-2023-33204...

7.8CVSS7.2AI score0.01096EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2023/05/09 10:9 a.m.10 views

QEMU: ACPI ERST: memory corruption issues in read_erst_record and write_erst_record

An integer overflow and buffer overflow issues were found in the ACPI Error Record Serialization Table ERST device of QEMU in the readerstrecord and writeerstrecord functions. Both issues may allow the guest to overrun the host buffer allocated for the ERST memory device. A malicious guest could...

6.5CVSS6.4AI score0.00382EPSS
Exploits1References4
OSV
OSV
added 2023/04/24 6:5 p.m.7 views

SUSE-SU-2023:1971-1 Security update for the Linux Kernel (Live Patch 28 for SLE 12 SP4)

This update for the Linux Kernel 4.12.14-95102 fixes several issues. The following security issues were fixed: - CVE-2023-0590: Fixed race condition in qdiscgraft bsc1207795. - CVE-2023-1118: Fixed a use-after-free bugs caused by enetxirqsim in media/rc bsc1208837. - CVE-2022-2991: Fixed an...

7.8CVSS6.9AI score0.00412EPSS
Exploits0References7
OSV
OSV
added 2023/04/18 12:15 p.m.2 views

CVE-2021-40506

An issue was discovered in the ALU unit of the OR1200 aka OpenRISC 1200 processor 2011-09-10 through 2015-11-11. The overflow flag is not being updated for the msb and mac instructions, which results in an incorrect value in the overflow flag. Any software that relies on this flag may experience...

9.8CVSS5.6AI score0.00728EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 6:16 a.m.7 views

SUSE CVE-2005-3808

Integer overflow in the invalidateinodepages2range function in mm/truncate.c in Linux kernel 2.6.11 to 2.6.14 allows local users to cause a denial of service hang via 64-bit mmap calls that are not properly handled on a 32-bit system...

4.9CVSS6.6AI score0.00772EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:51 a.m.3 views

SUSE CVE-2011-2918

The Performance Events subsystem in the Linux kernel before 3.1 does not properly handle event overflows associated with PERFCOUNTSWCPUCLOCK events, which allows local users to cause a denial of service system hang via a crafted application...

5.5CVSS6AI score0.00921EPSS
Exploits2References9
SUSE CVE
SUSE CVE
added 2023/02/15 5:17 a.m.6 views

SUSE CVE-2015-4643

Integer overflow in the ftpgenlist function in ext/ftp/ftp.c in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow. NOTE: this vulnerability exists because ...

9.8CVSS9.5AI score0.16948EPSS
Exploits1References11
SUSE CVE
SUSE CVE
added 2023/02/15 4:31 a.m.8 views

SUSE CVE-2018-5848

In the function wmisetie, the length validation code does not handle unsigned integer overflow properly. As a result, a large value of the 'ielen' argument can cause a buffer overflow in all Android releases from CAF Android for MSM, Firefox OS for MSM, QRD Android using the Linux Kernel...

7.8CVSS7.9AI score0.00366EPSS
Exploits0References21
SUSE CVE
SUSE CVE
added 2023/02/15 3:57 a.m.3 views

SUSE CVE-2020-14308

In grub2 versions before 2.06 the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This leads the function to return invalid memory allocations which can be further used to cause possible integrity, confidentiality and availability impacts...

6.4CVSS6.9AI score0.00436EPSS
Exploits0References19
SUSE CVE
SUSE CVE
added 2023/02/15 3:29 a.m.5 views

SUSE CVE-2022-21729

Tensorflow is an Open Source Machine Learning Framework. The implementation of UnravelIndex is vulnerable to a division by zero caused by an integer overflow bug. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlo...

6.5CVSS6.6AI score0.00783EPSS
Exploits1References3
OSV
OSV
added 2023/02/14 6:15 p.m.4 views

UBUNTU-CVE-2023-25563

GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to version 1.2.0, multiple out-of-bounds reads when decoding NTLM fields can trigger a denial of service. A 32-bit integer overflow condition can lead to incorrect checks of consistency of length of...

7.5CVSS6AI score0.01091EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/01/31 12:0 a.m.4 views

PT-2023-34918 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.14.303 Description: The issue is related to an overflow before widen in the bitmap ip create function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...

7.4AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/01/31 12:0 a.m.5 views

PT-2025-13326 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A bug was found in the ublk driver of the Linux kernel. The issue occurs when assigning a large queue depth to a multiqueue ublk device, causing the ublk target to enter an incorrect...

6.8CVSS5.2AI score0.00229EPSS
Exploits0References17
Debian CVE
Debian CVE
added 2022/11/18 12:0 a.m.7 views

CVE-2022-41885

TensorFlow is an open source platform for machine learning. When tf.rawops.FusedResizeAndPadConv2D is given a large tensor shape, it overflows. We have patched the issue in GitHub commit d66e1d568275e6a2947de97dca7a102a211e01ce. The fix will be included in TensorFlow 2.11. We will also cherrypick...

7.5CVSS7AI score0.0043EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2022/09/16 12:0 a.m.3 views

PT-2022-33427 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.3 Description: The issue is related to an overflow check in the register shm helper function. It was introduced in version v4.16 and fixed in version v5.19.3. The actual impact and attack plausibility have...

7.5AI score
Exploits0References1
OSV
OSV
added 2022/08/16 9:15 p.m.4 views

CVE-2022-38231

XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::getChar at /xpdf/Stream.cc...

7.8CVSS7.1AI score0.00328EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/08/16 9:15 p.m.3 views

CVE-2022-35113

SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via swfDefineLosslessBitsTagToImage at /modules/swfbits.c...

5.5CVSS6AI score0.00284EPSS
Exploits1References2
NVD
NVD
added 2022/05/03 4:15 p.m.30 views

CVE-2021-22556

The Security Team discovered an integer overflow bug that allows an attacker with code execution to issue memory cache invalidation operations on pages that they don’t own, allowing them to control kernel memory from userspace. We recommend upgrading to kernel version 4.1 or beyond...

7.8CVSS0.00155EPSS
Exploits0References2
Rows per page
Query Builder