6933 matches found
The vulnerability of the parse_usdt_arg() function in the tools/lib/bpf/usdt.c module of the Linux kernel’s BPF component allows a hacker to induce a service failure.
The vulnerability of the parse_usdt_arg function in the tools/lib/bpf/usdt.c module of the Linux kernel’s BPF component is related to a memory overflow issue. Exploiting this vulnerability could allow an attacker to cause a service failure remotely...
Vulnerabilities fixed in Python
Vulnerabilities have been fixed in Python. In addition to the vulnerabilities in OpenSSL, for which the NCSC has published previous security advisories, a vulnerability has also been fixed in the urllib.parse component. Because proper input validation does not take place, it is possible...
Folding@home fah-control Security Vulnerability
fah-control is a Folding@home open source Client Advanced Control GUI. A security vulnerability exists in the Folding@home Client Advanced Control GUI that allows an attacker to execute arbitrary code by manipulating the parsemessage function...
PT-2023-35934 · Git +1 · Clamav
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-overflow read crash. The crash state indicates repeated calls to the parse regex function, suggesting a potential...
CVE-2022-31200
Atmail 5.62 allows XSS via the mail/parse.php?file=html/$this-%3ELanguage/help/filexp.html&FirstLoad=1&HelpFile=file.html Search Terms field...
python: urllib.parse url blocklisting bypass
A flaw was found in the Python package. An issue in the urllib.parse component could allow attackers to bypass blocklisting methods by supplying a URL that starts with blank characters. This may lead to compromised Integrity...
PT-2023-26305 · Foxit · Foxit Pdf Reader
Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader affected versions not specified Description: This issue allows remote attackers to disclose sensitive information on affected installations. It requires user interaction, such as visiting a malicious page or opening a malicio...
SUSE-SU-2023:2937-1 Security update for python311
This update for python311 fixes the following issues: python was updated to version 3.11.4: - CVE-2023-24329: Fixed blocklist bypass via the urllib.parse component when supplying a URL that starts with blank characters bsc1208471. - CVE-2007-4559: Fixed python tarfile module directory traversal...
CLSA-2023-1689885970 Fix CVE(s): CVE-2023-24329
SECURITY UPDATE: urllib.parse space handling CVE-2023-24329 appears unfixed - debian/patches/CVE-2023-24329-2.patch: Start stripping C0 control and space chars in urlsplit - CVE-2023-24329...
CLSA-2023-1689885838 Fix CVE(s): CVE-2023-24329
SECURITY UPDATE: urllib.parse space handling CVE-2023-24329 appears unfixed - debian/patches/CVE-2023-24329-2-v2.7.patch: Start stripping C0 control and space chars in urlsplit - debian/patches/CVE-2023-24329-v2.7.patch: Fix testattributesbadscheme to check for non-ascii symbol as first character...
The vulnerability of the `parse_tag_and_wiretype` function in the `protobuf-c.c` component of the Protobuf-c programming language for serializing data allows an attacker to cause a service failure.
The vulnerability of the parse_tag_and_wiretype function in the protobuf-c.c component of the Protobuf serialization programming language C Protobuf-c is related to errors during resource release. Exploiting this vulnerability allows an attacker to cause service failures remotely...
SUSE CVE-2021-34119
A flaw was discovered in htmodoc 1.9.12 in function parseparagraph in ps-pdf.cxx; this flaw possibly allows code execution and a denial of service via a crafted file...
DEBIAN-CVE-2021-34121
An Out of Bounds flaw was discovered in htmodoc 1.9.12 in function parsetree in toc.cxx; this possibly leads to memory layout information leaking in the data. This might be used in a chain of vulnerabilities in order to reach code execution...
DEBIAN-CVE-2021-34119
A flaw was discovered in htmodoc 1.9.12 in function parseparagraph in ps-pdf.cxx; this flaw possibly allows code execution and a denial of service via a crafted file...
CVE-2021-34121
An Out of Bounds flaw was discovered in htmodoc 1.9.12 in function parsetree in toc.cxx; this possibly leads to memory layout information leaking in the data. This might be used in a chain of vulnerabilities in order to reach code execution...
UBUNTU-CVE-2021-34121
An Out of Bounds flaw was discovered in htmodoc 1.9.12 in function parsetree in toc.cxx; this possibly leads to memory layout information leaking in the data. This might be used in a chain of vulnerabilities in order to reach code execution...
PT-2023-12243 · Htmodoc +3 · Htmodoc +3
Name of the Vulnerable Software and Affected Versions: htmodoc version 1.9.12 Description: A flaw was discovered in the parse paragraph function in ps-pdf.cxx, which possibly allows code execution and a denial of service via a crafted file. Recommendations: For version 1.9.12, consider restrictin...
Denial Of Service (DoS)
github.com/malfunkt/iprange is vulnerable to Denial of Service (DoS) attacks. The vulnerability exists in the Parse function of y.go, which allows a malicious user to parse a range with a mask larger than 32 bits, which causes a panic, resulting in an application crash...
CVE-2023-29456
URL validation scheme receives input from a user and then parses it to identify its various components. The validation scheme can ensure that all URL components comply with internet standards...