12 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-53308
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: fec: Better handle pmruntimeget failing in .remove In the unlikely event that pmruntimeget disguised as pmruntimeresumeandget fails, the remove callback...
CVE-2025-21723 scsi: mpi3mr: Fix possible crash when setting up bsg fails
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix possible crash when setting up bsg fails If bsgsetupqueue fails, the bsgqueue is assigned a non-NULL value. Consequently, in mpi3mrbsgexit, the condition "if!mrioc-bsgqueue" will not be satisfied, preventing...
kernel: wifi: nl80211: don't free NULL coalescing rule
A possible NULL pointer dereference was observed in the Linux kernel, in net/wireless/nl80211.c. This may lead to a crash...
BIT-MATTERMOST-2023-5333
Mattermost fails to deduplicate input IDs allowing a simple user to cause the application to consume excessive resources and possibly crash by sending a specially crafted request to /api/v4/users/ids with multiple identical IDs...
PUB-A-244448906
In cdSsParseMsg of cdSsCodec.c, there is a possible crash due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
Mozilla: Out of bounds read when decoding H264
The Mozilla Foundation Security Advisory describes this flaw as: An out-of-bounds read can occur when decoding H264 video. This results in a potentially exploitable crash...
ALPINE-CVE-2021-3470
A heap overflow issue was found in Redis in versions before 5.0.10, before 6.0.9 and before 6.2.0 when using a heap allocator other than jemalloc or glibc's malloc, leading to potential out of bound write or process crash. Effectively this flaw does not affect the vast majority of users, who use...
Apache -- Multiple vulnerabilities
The Apache httpd Project reports: Apache HTTP Server privilege escalation from modules' scripts CVE-2019-0211 important modauthdigest access control bypass CVE-2019-0217 important modssl access control bypass CVE-2019-0215 important modhttp2, possible crash on late upgrade CVE-2019-0197 low...
Design/Logic Flaw
Dave Gamble cJSON version 1.7.3 and earlier contains a CWE-416: Use After Free vulnerability in cJSON library that can result in Possible crash, corruption of data or even RCE. This attack appear to be exploitable via Depends on how application uses cJSON library. If application provides network...
CVE-2018-1000217
Dave Gamble cJSON version 1.7.3 and earlier contains a CWE-416: Use After Free vulnerability in cJSON library that can result in Possible crash, corruption of data or even RCE. This attack appear to be exploitable via Depends on how application uses cJSON library. If application provides network...
Fedora 18 : libvirt-0.10.2.3-1.fc18 (2013-1644)
Rebased to version 0.10.2.3 - Fix libxl driver to build against xen 4.2 bz 870689 - Fix possible crash when destroying guests bz 877110 - Fix loading sysctl file bz 887017 - Fix svirt memory leak bz 890039 - Fix attaching PCI netdev to VM bz 893131 - Fix libvirtd segfault on shutdown bz 903184 -...
Slackware: Security Advisory (SSA:2007-178-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...