6856 matches found

CVE
added 2023/09/04 10:39 p.m. · 56 views

CVE-2023-41058

Parse Server fixed a vulnerability where the Cloud trigger beforeFind was not invoked under certain Parse.Query conditions. The issue could bypass the security layer provided by beforeFind. The fix refactored the internal query pipeline and added a patch to ensure beforeFind is invoked. The fix w...

CVSS: 7.5 · AI score: 7.5 · EPSS: 0.00268
Exploits: 0 · References: 5 · Affected Software: 1

CNNVD
added 2023/09/04 12:0 a.m. · 2 views

Parse Server Security Vulnerability

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. A security vulnerability exists in Parse Server version 1.0.0, which stems from the Parse Cloud trigger "beforeFind" not being called under certain conditions in "Parse.Query"...

CVSS: 7.5 · AI score: 6.7 · EPSS: 0.00268
Exploits: 0 · References: 6

Positive Technologies
added 2023/09/04 12:0 a.m. · 3 views

PT-2023-27766 · Unknown · Parse Server

Name of the Vulnerable Software and Affected Versions: Parse Server versions prior to 5.5.5 Parse Server versions prior to 6.2.2 Description: The issue concerns the Parse Cloud trigger beforeFind not being invoked in certain conditions of Parse.Query. This poses a risk for deployments where the...

CVSS: 7.5 · AI score: 7.4 · EPSS: 0.00268
Exploits: 0 · References: 13

CNVD
added 2023/08/30 12:0 a.m. · 1 views

Gnu Binutils objdump Out-of-Bounds Read Vulnerability

Gnu Binutils objdump is a command-line tool in the GNU Binutils toolset that is mainly used to analyze binary files e.g., executables, target files, static libraries, etc. and display their detailed information. An out-of-bounds read vulnerability exists in Gnu Binutils objdump, which stems from ...

CVSS: 7.8 · AI score: 6.8 · EPSS: 0.00019
Exploits: 1 · References: 1

CNVD
added 2023/08/30 12:0 a.m. · 1 views

GNU Binutils parse_stab_struct_fields function memory leak vulnerability

GNU Binutils is a set of open source tools for working with binary files such as target files, executables, libraries, etc., mainly used in the areas of compilation, debugging, reverse engineering and so on. GNU Binutils suffers from a memory leak vulnerability that originates from a memory leak ...

CVSS: 5.5 · AI score: 6.6 · EPSS: 0.00009
Exploits: 1 · References: 1

OSV
added 2023/08/27 2:0 p.m. · 63 views

OSV-2023-745 Heap-buffer-overflow in pcpp::SomeIpSdLayer::isDataValid

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61774 Crash type: Heap-buffer-overflow READ 4 Crash state: pcpp::SomeIpSdLayer::isDataValid pcpp::SomeIpLayer::parseSomeIpLayer pcpp::UdpLayer::parseNextLayer...

AI score: 7.2
Exploits: 0 · References: 1

ATTACKERKB
added 2023/08/22 7:16 p.m. · 0 views

CVE-2022-47011

An issue was discovered function parse_stab_struct_fields in stabs.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks...

CVSS: 5.5 · AI score: 6.6 · EPSS: 0.00009
Exploits: 1 · References: 2

OSV
added 2023/08/22 7:16 p.m. · 2 views

AZL-28585 CVE-2022-47673 affecting package crash for versions less than 8.0.1-4

An issue was discovered in Binutils addr2line before 2.39.3, function parsemodule contains multiple out of bound reads which may cause a denial of service or other unspecified impacts...

CVSS: 7.8 · AI score: 6.2 · EPSS: 0.00019
Exploits: 1 · References: 1

OSV
added 2023/08/22 7:16 p.m. · 2 views

DEBIAN-CVE-2022-47011

An issue was discovered function parse_stab_struct_fields in stabs.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks...

CVSS: 5.5 · AI score: 6 · EPSS: 0.00009
Exploits: 1 · References: 1

OSV
added 2023/08/22 7:16 p.m. · 1 views

DEBIAN-CVE-2022-47673

An issue was discovered in Binutils addr2line before 2.39.3, function parsemodule contains multiple out of bound reads which may cause a denial of service or other unspecified impacts...

CVSS: 7.8 · AI score: 5.3 · EPSS: 0.00019
Exploits: 1 · References: 1

OSV
added 2023/08/22 7:16 p.m. · 2 views

AZL-28048 CVE-2022-47011 affecting package binutils for versions less than 2.37-9

An issue was discovered function parse_stab_struct_fields in stabs.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks...

CVSS: 5.5 · AI score: 6.7 · EPSS: 0.00009
Exploits: 1 · References: 1

OSV
added 2023/08/22 7:16 p.m. · 3 views

AZL-28597 CVE-2020-22217 affecting package python-gevent for versions less than 21.1.2-1

Buffer overflow vulnerability in c-ares before 1161 thru 1170 via function aresparsesoareply in aresparsesoareply.c...

CVSS: 5.9 · AI score: 6.7 · EPSS: 0.00115
Exploits: 1 · References: 1

OSV
added 2023/08/22 7:16 p.m. · 0 views

UBUNTU-CVE-2020-22217

Buffer overflow vulnerability in c-ares before 1161 thru 1170 via function aresparsesoareply in aresparsesoareply.c...

CVSS: 5.9 · AI score: 6.6 · EPSS: 0.00115
Exploits: 1 · References: 3

OSV
added 2023/08/22 7:16 p.m. · 1 views

UBUNTU-CVE-2021-32292

An issue was discovered in json-c from 20200420 post 0.14 unreleased code through 0.15-20200726. A stack-buffer-overflow exists in the auxiliary sample program jsonparse which is located in the function parseit...

CVSS: 9.8 · AI score: 7.3 · EPSS: 0.00173
Exploits: 1 · References: 4

CNNVD
added 2023/08/22 12:0 a.m. · 1 views

ncurses Buffer Error Vulnerability

ncurses is a character terminal processing library that provides a set of functions that can be called by the user to generate a text-based user interface. A security vulnerability exists in ncurses version 6.1 due to a buffer overflow in the postprocessterminfo method of tinfo/parseentry.c. The...

CVSS: 6.5 · AI score: 6.1 · EPSS: 0.01948
Exploits: 1 · References: 6

Vulnrichment
added 2023/08/22 12:0 a.m. · 14 views

CVE-2020-22217

Buffer overflow vulnerability in c-ares before 1161 thru 1170 via function aresparsesoareply in aresparsesoareply.c...

AI score: 7.4 · EPSS: 0.00115
Exploits: 1 · References: 2

Zero Day Initiative
added 2023/08/22 12:0 a.m. · 18 views

Parse Server transformUpdate Prototype Pollution Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Parse Server. Authentication is required to exploit this vulnerability. The specific flaw exists within the transformUpdate function. The issue results from the lack of control over modifications to...

CVSS: 7.2 · AI score: 7.5 · EPSS: 0.09829
Exploits: 0 · References: 1

Debian CVE
added 2023/08/22 12:0 a.m. · 28 views

CVE-2022-47011

An issue was discovered function parse_stab_struct_fields in stabs.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks...

CVSS: 5.5 · AI score: 6.3 · EPSS: 0.00009
Exploits: 1

Positive Technologies
added 2023/08/22 12:0 a.m. · 2 views

PT-2023-5192 · Gnu +5 · Binutils +5

Name of the Vulnerable Software and Affected Versions: Binutils versions 2.34 through 2.38 Description: An issue was discovered in the function parse_stab_struct_fields in stabs.c, which allows attackers to cause a denial of service due to memory leaks. The vulnerability is related to a memory...

CVSS: 7.8 · AI score: 6.2 · EPSS: 0.00426
Exploits: 19 · References: 106

CNNVD
added 2023/08/22 12:0 a.m. · 1 views

GNU Binutils Buffer Error Vulnerability

Gnu Binutils objdump is a command-line tool in the GNU Binutils toolset that is mainly used to analyze binary files e.g., executables, target files, static libraries, etc. and display their detailed information. An out-of-bounds read vulnerability exists in Gnu Binutils objdump, which stems from ...

CVSS: 7.8 · AI score: 6.7 · EPSS: 0.00019
Exploits: 1 · References: 3