20386 matches found
Astra Linux - уязвимость в cgal
There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted, malformed file can lead to an out-of-bounds read and type confusion, which may result in code execution. An attacker can provide malicious input to trigger a...
Astra Linux - уязвимость в cgal
There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could result in code execution. An attacker can provide malicious input to trigger...
Astra Linux - уязвимость в wireshark
The NetScreen file parser crashes in Wireshark versions 4.0.0 to 4.0.10 and 3.6.0 to 3.6.18. This issue allows for denial of service through malicious capture files...
Astra Linux - уязвимость в cgal
Multiple code execution vulnerabilities exist in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of...
Astra Linux - уязвимость в http-parser
Node.js versions before 10.23.1, 12.20.1, 14.15.4, and 15.5.1 allow for two copies of a header field in an HTTP request for example, two Transfer-Encoding header fields. In this case, Node.js identifies the first header field and ignores the second. This can lead to HTTP Request Smuggling...
Astra Linux - уязвимость в node-ini
This affects the package ini before version 1.3.6. If an attacker submits a malicious INI file to an application that parses it using ini.parse, they will corrupt the prototype within the application. This can be further exploited depending on the context...
Astra Linux - уязвимость в ruby-rack
Rack is a modular Ruby web server interface. Prior to versions 2.2.14, 3.0.16, and 3.1.14, Rack::QueryParser parsed query strings and application/x-www-form-urlencoded bodies into Ruby data structures without imposing any limit on the number of parameters. This allowed attackers to send requests...
Astra Linux - уязвимость в gst-plugins-good1.0
GStreamer is a library for constructing graphs of media-handling components. An out-of-band read issue has been discovered in the qtdemuxparsesvq3stsddata function within qtdemux.c. In the FOURCCSMI case, seqhsize is read from the input file without proper validation. If seqhsize is greater than...
Astra Linux - уязвимость в sqlite3
SQLite 3.30.1 improperly handles certain parser-tree rewrites, related to files expr.c, vdbeaux.c, and window.c. This issue is caused by incorrect error handling in the sqlite3WindowRewrite function...
Astra Linux - уязвимость в opencv
A issue was discovered in OpenCV prior to version 4.1.1. There is a NULL pointer dereferencing in the function cv::XMLParser::parse, located in modules/core/src/persistence.cpp...
Astra Linux - уязвимость в node-body-parser
body-parser is a Node.js body parsing middleware. body-parser version 1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. This issue has...
Astra Linux - уязвимость в http-parser
HTTP request smuggling in Node.js versions 10, 12, and 13 causes the delivery of malicious payloads when transfer-encoding is malformed...
Astra Linux – Vulnerability in openimageio
A stack-based buffer overflow vulnerability exists in the TGA file format parser of OpenImageIO v2.3.19.0. A specially crafted targa file can lead to out-of-bound read and write operations on the process stack, which can result in arbitrary code execution. An attacker can provide a malicious file...
Astra Linux - уязвимость в raptor2
In the Raptor RDF Syntax Library version 2.0.16, there was a heap-based buffer overflow issue during the parsing of triples using the nquads parser in the raptorntriplesparseterminternal function...
glib: GLib: Buffer underflow in GVariant parser leads to heap corruption
A flaw was found in GLib Gnome Lib. This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings...
glib: GLib: Buffer underflow in GVariant parser leads to heap corruption
A flaw was found in GLib Gnome Lib. This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings...
Moderate: Red Hat Security Advisory: glib2 security update
An update for glib2 is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System...
Moderate: Red Hat Security Advisory: glib2 security update
An update for glib2 is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
glib: GLib: Buffer underflow in GVariant parser leads to heap corruption
A flaw was found in GLib Gnome Lib. This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings...
glib: GLib: Buffer underflow in GVariant parser leads to heap corruption
A flaw was found in GLib Gnome Lib. This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings...