6933 matches found
Out-of-bounds
In Parse of simdata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
Out-of-bounds
In Parse of simdata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
CVE-2023-21161
In Parse of simdata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
Google Pixel 安全漏洞
Google Pixel is a smartphone from Google, Inc USA. A security vulnerability exists in Google Pixel, which originates in parseSecurityParamsFromXml in XmlUtil.java, where file encryption may fail due to a competitive condition, which could lead to local information disclosure...
Parse Server 安全漏洞
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. A security vulnerability exists in Parse Server versions prior to 5.5.2 and prior to 6.2.1, which stems from a vulnerability that allows an attacker to trigger remote code execution using a...
Google Pixel 缓冲区错误漏洞
Google Pixel is a smartphone from Google, an American company. A security vulnerability exists in Google Pixel, which stems from the presence of a missing bounds check in the Parse of the simdata.cpp file, which may result in out-of-bounds writes...
Google Pixel 缓冲区错误漏洞
Google Pixel is a smartphone from Google, an American company. A security vulnerability exists in Google Pixel, which stems from the presence of a missing bounds check in the Parse of the simdata.cpp file, which may result in out-of-bounds writes...
PT-2023-25584 · Unknown +2 · Parse Server +2
Name of the Vulnerable Software and Affected Versions: Parse Server versions prior to 5.5.2 and 6.2.1 Description: The issue allows an attacker to use a prototype pollution sink to trigger a remote code execution through the MongoDB BSON parser. This can be exploited in Parse Server, an open sour...
python: urllib.parse url blocklisting bypass
A flaw was found in the Python package. An issue in the urllib.parse component could allow attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.This may lead to compromised Integrity...
SUSE CVE-2023-33290
The git-url-parse crate through 0.4.4 for Rust allows Regular Expression Denial of Service ReDos via a crafted URL to normalizeurl in lib.rs, a similar issue to CVE-2023-32758 Python...
PyPDF2 安全漏洞
PyPDF2 is a free open source pure python PDF library . Able to split, merge, crop and convert pages of a PDF file. PyPDF2 versions 2.2.0 to 3.8.1 has a security vulnerability , the vulnerability stems from the attacker may be able to create a PDF, if the implementation of parsecontentstream, will...
CVE-2022-48336
Widevine Trusted Application TA 5.0.0 through 7.1.1 has a PRDiagParseAndStoreData integer overflow and resultant buffer overflow...
python: urllib.parse url blocklisting bypass
A flaw was found in the Python package. An issue in the urllib.parse component could allow attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.This may lead to compromised Integrity...
The vulnerability of the _bfd_elf_parse_gnu_properties function in the elf-properties.c library of the GNU Binutils development toolset allows a attacker to cause a service failure.
The vulnerability of the bfdelfparsegnuproperties function in the elf-properties.c library of the GNU Binutils development toolset is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause a system failure...
SUSE CVE-2023-3359
An issue was discovered in the Linux kernel brcmnvramparse in drivers/nvmem/brcmnvram.c. Lacks for the check of the return value of kzalloc can cause the NULL Pointer Dereference...
CLSA-2023-1687469630 Fix CVE(s): CVE-2023-24329
SECURITY UPDATE: urllib.parse space handling CVE-2023-24329 appears unfixed - debian/patches/CVE-2023-24329-2.patch: start stripping C0 control and space chars in urlsplit - CVE-2023-24329...
CLSA-2023-1687469528 Fix CVE(s): CVE-2023-24329
SECURITY UPDATE: urllib.parse space handling CVE-2023-24329 appears unfixed - debian/patches/CVE-2023-24329-2.patch: start stripping C0 control and space chars in urlsplit - CVE-2023-24329...
python: urllib.parse url blocklisting bypass
A flaw was found in the Python package. An issue in the urllib.parse component could allow attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.This may lead to compromised Integrity...
python: urllib.parse url blocklisting bypass
A flaw was found in the Python package. An issue in the urllib.parse component could allow attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.This may lead to compromised Integrity...
python: urllib.parse url blocklisting bypass
A flaw was found in the Python package. An issue in the urllib.parse component could allow attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.This may lead to compromised Integrity...