6934 matches found
PT-2023-27258 · Google · Android
Name of the Vulnerable Software and Affected Versions: utils.cc affected versions not specified Description: The issue is related to a possible out of bounds read in the parse gap data function of utils.cc due to a missing bounds check. This could lead to local information disclosure and requires...
PT-2023-7351 · Perl +2 · Perl +2
Name of the Vulnerable Software and Affected Versions: Perl versions 5.30.0 through 5.38.1 Description: The issue is related to the S parse uniprop string function in regcomp.c, which can write to unallocated space due to mishandling of a property name associated with a regular expression...
Improper Validation of Syntactic Correctness of Input
Overview Affected versions of this package are vulnerable to Improper Validation of Syntactic Correctness of Input in the phonenumbers.Parse function. An attacker can cause a panic by providing crafted input causing a "runtime error: slice bounds out of range". PoC go import "fmt"...
DEBIAN-CVE-2023-48039
GPAC 2.3-DEV-rev617-g671976fcc-master is vulnerable to memory leak in gfmpdparsestring mediatools/mpd.c:75...
UBUNTU-CVE-2023-48039
GPAC 2.3-DEV-rev617-g671976fcc-master is vulnerable to memory leak in gfmpdparsestring mediatools/mpd.c:75...
GPAC Security Vulnerabilities
GPAC is an open source multimedia framework. A security vulnerability exists in GPAC version 2.3-DEV-rev617-g671976fcc-master, which stems from a memory leak vulnerability in component gfmpdparsestring mediatools/mpd.c:75...
PT-2023-8888 · Gpac +2 · Gpac +2
Name of the Vulnerable Software and Affected Versions: GPAC versions 2.3-DEV-rev617-g671976fcc-master Description: The issue is related to a memory leak in the gf mpd parse string function, located in media tools/mpd.c:75, due to the lack of memory release after its effective term of service...
CVE-2023-6038
A Local File Inclusion LFI vulnerability exists in the h2o-3 REST API, allowing unauthenticated remote attackers to read arbitrary files on the server with the permissions of the user running the h2o-3 instance. This issue affects the default installation and does not require user interaction. Th...
PT-2023-32489 · H2O-3 · H2O-3
Name of the Vulnerable Software and Affected Versions: h2o-3 version 3.40.0.4 Description: A Local File Inclusion LFI issue exists in the h2o-3 REST API, allowing unauthenticated remote attackers to read arbitrary files on the server with the permissions of the user running the h2o-3 instance. Th...
GPAC Security Vulnerabilities
GPAC is an open source multimedia framework. A security vulnerability exists in GPAC version v2.3-DEV-rv566-g50c2ab06f-master, which stems from a buffer overflow vulnerability in the function hevcparsevpsextension...
The vulnerability of the parse method in the json5 package manager library in NPM allows a hacker to trigger a service failure.
The vulnerability of the parse method in the json5 package manager library from NPM is related to uncontrolled changes to prototype attributes of objects. Exploiting this vulnerability could allow a malicious actor to cause service failures...
c-ares: Heap buffer over read in ares_parse_soa_reply
A heap buffer over-read flaw was found in c-ares via the aresparsesoareply function in aresparsesoareply.c...
protobuf-c: unsigned integer overflow in parse_required_member
A vulnerability was found in protobuf-c. This security flaw leads to an unsigned integer overflow in parserequiredmember...
golang: go/parser: Infinite loop in parsing
A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by an infinite loop due to integer overflow when calling any of the Parse functions. By sending a specially crafted input, a remote attacker can cause a denial of service...
kernel: mt76: mt7921: fix kernel panic by accessing unallocated eeprom.data
In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921: fix kernel panic by accessing unallocated eeprom.data The MT7921 driver no longer uses eeprom.data, but the relevant code has not been removed completely since commit 16d98b548365 "mt76: mt7921: rely on...
kernel: LSM: general protection fault in legacy_parse_param
In the Linux kernel, the following vulnerability has been resolved: LSM: general protection fault in legacyparseparam The usual LSM hook "bail on fail" scheme doesn't work for cases where a security module may return an error code indicating that it does not recognize an input. In this particular...
golang: go/parser: Infinite loop in parsing
A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by an infinite loop due to integer overflow when calling any of the Parse functions. By sending a specially crafted input, a remote attacker can cause a denial of service...
Use-after-free in parse_lease_state()
...
The vulnerability of the _bfd_elf_parse_attributes function in the elf-attrs.c component of the GNU Binutils development environment allows a attacker to cause a service failure.
The vulnerability of the bfdelfparseattributes function in the elf-attrs.c component of the GNU Binutils development environment is related to reading data beyond the allowable buffer limits. Exploiting this vulnerability allows an attacker to cause service failures through a specially created EL...
The vulnerability of the _bfd_elf_parse_attributes function in the elf-attrs.c component of the GNU Binutils development environment allows a attacker to cause a service failure.
The vulnerability of the bfdelfparseattributes function in the elf-attrs.c component of the GNU Binutils development environment is related to the allocation of unlimited memory. Exploiting this vulnerability allows a remote attacker to cause a service failure through a specially created ELF file...