PT-2023-35651 · Git +1 · Libxml2

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-use-after-free READ 1 crash type. The crash state involves functions such as htmlParseDocument, htmlDoRead, and...

PT-2023-35650 · Git +1 · Libavc

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-buffer-overflow write crash. Technical details about the crash include the functions isvcd start of pic, isvcd parse decod...

SUSE CVE-2023-34194

StringEqual in TiXmlDeclaration::Parse in tinyxmlparser.cpp in TinyXML through 2.6.2 has a reachable assertion and application exit via a crafted XML document with a '\0' located after whitespace...

avahi: Reachable assertion in avahi_rdata_parse

A vulnerability was found in Avahi. A reachable assertion exists in the avahirdataparse function...

CVE-2023-48631

@adobe/css-tools versions 4.3.1 and earlier are affected by an Improper Input Validation vulnerability that could result in a denial of service while attempting to parse CSS...

PT-2023-35642 · Git +1 · Libxml2

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type identified as Global-buffer-overflow READ 1. The crash state involves several functions: xmlDictLookupInternal,...

DEBIAN-CVE-2023-34194

StringEqual in TiXmlDeclaration::Parse in tinyxmlparser.cpp in TinyXML through 2.6.2 has a reachable assertion and application exit via a crafted XML document with a '\0' located after whitespace...

CVE-2023-34194

CVE-2023-34194 affects TinyXML (TinyXML library) where StringEqual in TiXmlDeclaration::Parse within tinyxmlparser.cpp can trigger a reachable assertion and process exit when parsing a crafted XML containing a '\0' after whitespace. Affected versions include TinyXML up to 2.6.2. Debian LTS, Magei...

CVE-2023-34194

StringEqual in TiXmlDeclaration::Parse in tinyxmlparser.cpp in TinyXML through 2.6.2 has a reachable assertion and application exit via a crafted XML document with a '\0' located after whitespace...

CVE-2023-34194

StringEqual in TiXmlDeclaration::Parse in tinyxmlparser.cpp in TinyXML through 2.6.2 has a reachable assertion and application exit via a crafted XML document with a '\0' located after whitespace...

CVE-2023-34194

StringEqual in TiXmlDeclaration::Parse in tinyxmlparser.cpp in TinyXML through 2.6.2 has a reachable assertion and application exit via a crafted XML document with a '\0' located after whitespace...

kernel: use-after-free vulnerability in the smb client component

A flaw was found in the SMB client component in the Linux kernel. In case of an error in smb3fscontextparseparam, ctx-password was freed, but the field was not set to NULL, potentially leading to a use-after-free vulnerability. This flaw allows a local user to crash or potentially escalate their...

PT-2023-9053 · Jsonpath +1 · Jsonpath +1

Name of the Vulnerable Software and Affected Versions: json-path version 2.8.0 Description: The issue is related to a stack overflow in the Criteria.parse method of the json-path library. This can potentially allow a remote attacker to cause a denial of service. Recommendations: For json-path...

PT-2023-35627 · Git +1 · Quickjs

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-buffer-overflow read issue has been identified, potentially causing a crash. The crash occurs in the js is live code, js parse statement or decl,...

The vulnerability of the cmNetBiosParseName function in Canon printer software of the imageCLASS D, imageCLASS MF, imageCLASS LBP, imagePROGRAF, PIXMA, MAXIFY series allows a hacker to execute arbitrary code.

The vulnerability of the cmNetBiosParseName function in Canon printer microprogramming systems of the imageCLASS D, imageCLASS MF, imageCLASS LBP, imagePROGRAF, PIXMA, and MAXIFY series is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to...

CVE-2023-45781

In parsegapdata of utils.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-40083

In parsegapdata of utils.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability due to a missing boundary check in parsegapdata in the utils.cc script. An attacker can exploit this vulnerability to obtain sensitive information...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability caused by a missing boundary check in parsegapdata in the utils.cc script. An attacker can exploit this vulnerability to obtain sensitive information...

PT-2023-29691 · Google · Android

Name of the Vulnerable Software and Affected Versions: The affected software and versions are not specified. Description: The issue is related to a possible out of bounds read in the parse gap data function due to a missing bounds check. This could lead to local information disclosure, requiring...