89 matches found
EUVD-2020-23769
Malware in sbrugna...
EUVD-2022-34778
Malicious code in bioql PyPI...
CVE-2022-50287
The CVE-2022-50287 entry pertains to the Linux kernel DRM/I915 path, where a memory leak/undefined behavior can occur in generate_lfp_data_ptrs. Specifically, ptrs is freed via kfree() when (size != 0 || ptrs->lvds_entries != 3) but ptrs was not allocated with kzmalloc(); it was obtained by po...
Linux Distros Unpatched Vulnerability : CVE-2020-36224
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service...
DEBIAN-CVE-2024-50088
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix uninitialized pointer free in addinoderef The addinoderef function does not initialize the "name" struct when it is declared. If any of the following calls to "readoneinode returns NULL, dir = readoneinoderoot,...
Mozilla: Memory corruption in thread creation
The Mozilla Foundation Security Advisory describes this flaw as: In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption...
Mozilla: Memory corruption in thread creation
The Mozilla Foundation Security Advisory describes this flaw as: In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption...
PT-2024-3704 · Omron · Cx-One +1
Name of the Vulnerable Software and Affected Versions: CX-One versions 4.61.1 and earlier Sysmac Studio versions 1.56 and earlier Description: The issue is related to the use of a function that frees a pointer not at the start of a buffer, which can be exploited to execute arbitrary code. This ca...
CentOS 9 : libtiff-4.4.0-5.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the libtiff-4.4.0-5.el9 build changelog. - Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that...
[slackware-security] krb5
New krb5 packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/krb5-1.19.2-i586-4slack15.0.txz: Rebuilt. Fix potential uninitialized pointer free in kadm5 XDR parsing. For more information, see:...
EulerOS 2.0 SP11 : libtiff (EulerOS-SA-2023-2274)
According to the versions of the libtiff package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - There is a double free or corruption in rotateImage at tiffcrop.c:8839 found in libtiff 4.4.0rc1 CVE-2022-2519 - A flaw was found in libtiff...
EulerOS Virtualization 2.11.1 : libtiff (EulerOS-SA-2023-2074)
According to the versions of the libtiff package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For user...
SUSE CVE-2007-0772
The Linux kernel 2.6.13 and other versions before 2.6.20.1 allows remote attackers to cause a denial of service oops via a crafted NFSACL 2 ACCESS request that triggers a free of an incorrect pointer...
SUSE CVE-2020-36224
A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service...
SUSE CVE-2021-42377
An attacker-controlled pointer free in Busybox's hush applet leads to denial of service and possible code execution when processing a crafted shell command, due to the shell mishandling the &&& string. This may be used for remote code execution under rare conditions of filtered command input...
SUSE CVE-2022-2521
It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose at tifclose.c:131 called by tiffcrop.c:2522 that can cause a program crash and denial of service while processing crafted input...
libtiff: Invalid pointer free operation in TIFFClose() at tif_close.c
It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose at tifclose.c:131 called by tiffcrop.c:2522 that can cause a program crash and denial of service while processing crafted input...
libtiff security update
An update is available for libtiff. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libtiff packages contain a library of functions for manipulating Tagged...
RHEL 9 : libtiff (RHSA-2023:0302)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0302 advisory. The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: LibTiff: DoS from...
libtiff: Invalid pointer free operation in TIFFClose() at tif_close.c
It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose at tifclose.c:131 called by tiffcrop.c:2522 that can cause a program crash and denial of service while processing crafted input...