24 matches found
EUVD-2017-7281
Malware in sbrugna...
CVE-2025-48990 NeKernel has Heap Overflow in `rt_copy_memory`
NeKernal is a free and open-source operating system stack. Version 0.0.2 has a 1-byte heap overflow in rtcopymemory, which unconditionally wrote a null terminator at dstlen. When len equals the size of the destination buffer 256 bytes, that extra '\0' write overruns the buffer by one byte. To avo...
Linux Distros Unpatched Vulnerability : CVE-2024-53142
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - initramfs: avoid filename buffer overrun The initramfs filename field is defined in Documentation/driver- api/early-userspace/buffer-format.rst as: 37 cpiofile ...
Linux Distros Unpatched Vulnerability : CVE-2022-4899
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun...
CVE-2024-46815
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check numvalidsets before accessing readerwmsets WHY & HOW numvalidsets needs to be checked to avoid a negative index when accessing readerwmsetsnumvalidsets - 1. This fixes an OVERRUN issue reported by Coverity...
SUSE CVE-2024-46729
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix incorrect size calculation for loop WHY feclken has size of 5 but sizeoffeclken has byte size 20 which is lager than the array size. HOW Divide byte size 20 by its element size. This fixes 2 OVERRUN issues...
AZL-49770 CVE-2024-46730 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Ensure array index tginst won't be -1 WHY & HOW tginst will be a negative if timinggeneratorcount equals 0, which should be checked before used. This fixes 2 OVERRUN issues reported by Coverity...
AZL-67890 CVE-2024-42118 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Do not return negative stream id for array WHY resourcestreamtostreamidx returns an array index and it return -1 when not found; however, -1 is not a valid array index number. HOW When this happens, call ASSERT,...
CVE-2024-42120
CVE-2024-42120 pertains to the Linux kernel, specifically a vulnerability in the DRM AMD display code. The issue is an OVERRUN caused by accessing the pipe_ctx array without validating an index against its MAX_PIPES size, which could lead to out-of-bounds access in the vblank handling path. The d...
CVE-2024-42120 drm/amd/display: Check pipe offset before setting vblank
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check pipe offset before setting vblank pipectx has a size of MAXPIPES so checking its index before accessing the array. This fixes an OVERRUN issue reported by Coverity...
PT-2023-19510 · Canonical +4 · Sgt-Puzzles
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: A crafted save file can cause a buffer overrun in the Guess puzzle. There is no information available about the estimated number of potentially affected...
Low: tpm2-tss
Issue Overview: tpm2-tss is an open source software implementation of the Trusted Computing Group TCG Trusted Platform Module TPM 2 Software Stack TSS2. In affected versions Tss2RCSetHandler and Tss2RCDecode both index into layerhandler with an 8 bit layer number, but the array only has...
SUSE-SU-2021:2995-1 Security update for openssl-1_0_0
This update for openssl-100 fixes the following issues: - CVE-2021-3712: This is an update for the incomplete fix for CVE-2021-3712. Read buffer overruns processing ASN.1 strings bsc1189521...
SUSE-SU-2021:2994-1 Security update for openssl-1_0_0
This update for openssl-100 fixes the following issues: - CVE-2021-3712: This is an update for the incomplete fix for CVE-2021-3712. Read buffer overruns processing ASN.1 strings bsc1189521...
SUSE: Security Advisory (SUSE-SU-2016:2089-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2021:1498-1 Security update for samba
This update for samba fixes the following issues: - CVE-2021-20277: Fixed an out of bounds read in ldbhandlerfold bsc1183574. - CVE-2021-20254: Fixed a buffer overrun in sidstounixids bsc1184677. - CVE-2020-27840: Fixed an unauthenticated remote heap corruption via bad DNs bsc1183572. - Avoid...
CVE-2017-9107
An issue was discovered in adns before 1.5.2. It overruns reading a buffer if a domain ends with backslash. If the query domain ended with , and adnsqfquoteokquery was specified, qdparselabel would read additional bytes from the buffer and try to treat them as the escape sequence. It would depart...
SUSE-SU-2018:1765-2 Security update for ntp
This update for ntp fixes the following issues: - Update to 4.2.8p11 bsc1082210: CVE-2016-1549: Sybil vulnerability: ephemeral association attack. While fixed in ntp-4.2.8p7, there are significant additional protections for this issue in 4.2.8p11. CVE-2018-7182: ctlgetitem: buffer read overrun...
[SAMBA] CAN-2004-0882: Possiebl Buffer Overrun in smbd
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Subject: Possible Buffer Overrun in smbd CVE : CAN-2004-0882 Affected Versions: Samba 3.0.x = 3.0.7 Summary: A possible buffer overrun in smbd could lead to code execution by a remote user Patch Availability - - ------------------ A patch for Samba...
GLSA-200410-22 : MySQL: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200410-22 MySQL: Multiple vulnerabilities The following vulnerabilities were found and fixed in MySQL: Oleksandr Byelkin found that ALTER TABLE ... RENAME checks CREATE/INSERT rights of the old table instead of the new one...