9 matches found
Astra Linux - vulnerability in usbredir
A use-after-free vulnerability was discovered in usbredir in versions prior to 0.11.0, specifically in the usbredirparser_serialize function within usbredirparser/usbredirparser.c. This issue occurs when serializing large amounts of buffered write data, especially in cases where the destination is...
QuickJS resource management error vulnerability
QuickJS is a small and embeddable JavaScript engine developed by the QuickJS open-source project. Versions of QuickJS prior to 0.11.0 contained a resource management vulnerability, which stemmed from incorrect handling of the file quickjs.c. This vulnerability could lead to reusing resources afte...
Linux Distros Unpatched Vulnerability : CVE-2017-10792
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - There is a NULL Pointer Dereference in the function ll_insert of the libpspp library in GNU PSPP before 0.11.0. For example, a crash was observed within the...
gnark security vulnerability
gnark is a fast zk-SNARK library open-sourced by Consensys that offers advanced APIs to design circuits. A security vulnerability exists in versions of gnark prior to 0.11.0 that stems from the ability of a prover to select all but the last commitment when multiple commitments are used in a circuit, whi...
usbredirparser resource management error vulnerability
usbredirparser is checking header length deserialized data. A resource management error vulnerability exists in usbredirparser that stems from a use-after-free vulnerability found in usbredirparser_serialize in usbredirparser/usbredirparser.c in versions of usbredirparser prior to 0.11.0. This issue...
Gophish Cross-Site Scripting Vulnerability (CNVD-2020-59719)
Gophish is a powerful open source phishing framework. A cross-site scripting vulnerability exists in Gophish versions prior to 0.11.0. An attacker can exploit this vulnerability by sending the "host" field on a configuration form to conduct cross-site scripting attacks...
PT-2020-15821 · Gophish · Gophish
Name of the Vulnerable Software and Affected Versions: Gophish versions prior to 0.11.0. Description: The issue allows for Server-Side Request Forgery (SSRF) attacks. This means an attacker can potentially force the server to make unauthorized requests, leading to various security issues...
Null pointer dereference
There is a NULL Pointer Dereference in the function ll_insert of the libpspp library in GNU PSPP before 0.11.0. For example, a crash was observed within the library code when attempting to convert invalid SPSS data into CSV format. A crafted input will lead to a remote denial of service attack...
UBUNTU-CVE-2012-1176
Buffer overflow in the fribidi_utf8_to_unicode function in PyFriBidi before 0.11.0 allows remote attackers to cause a denial of service (application crash) via a 4-byte UTF-8 sequence...