Lucene search
K

285 matches found

OSV
OSV
added 2024/11/24 2:15 a.m.5 views

AZL-53634 CVE-2024-11233 affecting package php for versions less than 8.1.31-1

In PHP versions 8.1. before 8.1.31, 8.2. before 8.2.26, 8.3. before 8.3.14, due to an error in convert.quoted-printable-decode filter certain data can lead to buffer overread by one byte, which can in certain circumstances lead to crashes or disclose content of other memory areas...

8.2CVSS6.7AI score0.01618EPSS
Exploits1References1
OSV
OSV
added 2024/11/24 2:15 a.m.2 views

DEBIAN-CVE-2024-11233

In PHP versions 8.1. before 8.1.31, 8.2. before 8.2.26, 8.3. before 8.3.14, due to an error in convert.quoted-printable-decode filter certain data can lead to buffer overread by one byte, which can in certain circumstances lead to crashes or disclose content of other memory areas...

8.2CVSS6.1AI score0.01618EPSS
Exploits1References1
OSV
OSV
added 2024/11/24 2:15 a.m.4 views

UBUNTU-CVE-2024-11233

In PHP versions 8.1. before 8.1.31, 8.2. before 8.2.26, 8.3. before 8.3.14, due to an error in convert.quoted-printable-decode filter certain data can lead to buffer overread by one byte, which can in certain circumstances lead to crashes or disclose content of other memory areas...

8.2CVSS6.5AI score0.01618EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2024/11/24 1:8 a.m.20 views

CVE-2024-11233 Single byte overread with convert.quoted-printable-decode filter

In PHP versions 8.1. before 8.1.31, 8.2. before 8.2.26, 8.3. before 8.3.14, due to an error in convert.quoted-printable-decode filter certain data can lead to buffer overread by one byte, which can in certain circumstances lead to crashes or disclose content of other memory areas...

4.8CVSS6.9AI score0.01618EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/11/24 1:8 a.m.26 views

CVE-2024-11233 Single byte overread with convert.quoted-printable-decode filter

In PHP versions 8.1. before 8.1.31, 8.2. before 8.2.26, 8.3. before 8.3.14, due to an error in convert.quoted-printable-decode filter certain data can lead to buffer overread by one byte, which can in certain circumstances lead to crashes or disclose content of other memory areas...

4.8CVSS0.01618EPSS
Exploits1References1
AlpineLinux
AlpineLinux
added 2024/11/24 1:8 a.m.17 views

CVE-2024-11233

In PHP versions 8.1. before 8.1.31, 8.2. before 8.2.26, 8.3. before 8.3.14, due to an error in convert.quoted-printable-decode filter certain data can lead to buffer overread by one byte, which can in certain circumstances lead to crashes or disclose content of other memory areas...

8.2CVSS6.5AI score0.01618EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2024/10/04 12:0 a.m.6 views

PT-2025-2777

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.74 Description: A possible null pointer dereference issue has been identified in the Linux kernel. This issue occurs when the request lock function is called and lkb-lkb resource is not assigned yet, which...

5.5CVSS5.4AI score0.00218EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2024/09/18 11:13 a.m.21 views

CVE-2024-46764

In the Linux kernel, the following vulnerability has been resolved: bpf: add check for invalid name in btfnamevalidsection If the length of the name string is 1 and the value of name0 is NULL byte, an OOB vulnerability occurs in btfnamevalidsection and the return value is true, so the invalid nam...

6CVSS6.8AI score0.00223EPSS
Exploits0References4
OSV
OSV
added 2024/09/18 8:15 a.m.3 views

UBUNTU-CVE-2024-46764

In the Linux kernel, the following vulnerability has been resolved: bpf: add check for invalid name in btfnamevalidsection If the length of the name string is 1 and the value of name0 is NULL byte, an OOB vulnerability occurs in btfnamevalidsection and the return value is true, so the invalid nam...

7.1CVSS5.7AI score0.00223EPSS
Exploits0References5
Packet Storm
Packet Storm
added 2024/09/11 12:0 a.m.274 views

Printable Staff ID Card Creator System 1.0 Insecure Direct Object Reference

============================================================================================================================================= | Title : printable staff id card creator system 1.0 idor Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...

7.4AI score
Exploits0
OSV
OSV
added 2024/09/08 12:0 p.m.3 views

RUSTSEC-2024-0404 Unsoundness in anstream

When given a valid UTF8 string "ö\x1b😀", the function in crates/anstream/src/adapter/strip.rs will be confused. The UTF8 bytes are \xc3\xb6 then \x1b then \xf0\x9f\x98\x80. When looping over "non-printable bytes" \x1b\xf0 will be considered as some non-printable sequence. This will produce a brok...

7.2AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/09/08 12:0 a.m.4 views

PT-2024-40949 · Anstream · Anstream

Name of the Vulnerable Software and Affected Versions: anstream affected versions not specified Description: The issue arises when the function in anstream's adapter/strip.rs is given a valid UTF8 string containing non-printable bytes, such as "öx1b😀". The function incorrectly segments the UTF8...

6.9AI score
Exploits0References4
Malwarebytes
Malwarebytes
added 2024/07/05 7:59 p.m.15 views

Ticketmaster hackers release stolen ticket barcodes for Taylor Swift Eras Tour [updated]

The cybercriminals who claimed responsibility for the Ticketmaster data breach say theyve stolen 440,000 tickets for Taylor Swift’s Eras Tour. As proof, an entity using the handle Sp1d3rHunters, a merger of Sp1d3r and ShinyHunters who are both aliases associated with the breach, leaked 170k...

7AI score
Exploits0
Mageia
Mageia
added 2024/05/21 11:17 p.m.43 views

Updated python-pymongo packages fix security vulnerability

Versions of the package pymongo before 4.6.3 are vulnerable to Out-of-bounds Read in the bson module. Using the crafted payload the attacker could force the parser to deserialize unmanaged memory. The parser tries to interpret bytes next to buffer and throws an exception with string. If the...

7.3AI score
Exploits0References2
OSV
OSV
added 2024/04/12 11:7 a.m.3 views

OESA-2024-1425 flatpak security update

flatpak is a system for building, distributing and running sandboxed desktop applications on Linux. See https://wiki.gnome.org/Projects/SandboxedApps for more information. Security Fixes: Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Versions...

10CVSS6.8AI score0.00887EPSS
Exploits0References3
OSV
OSV
added 2024/04/06 5:15 a.m.25 views

CVE-2024-21506

Rejected reason: Duplicate...

3.7CVSS5AI score
Exploits0Affected Software1
OSV
OSV
added 2024/03/06 11:10 a.m.22 views

BIT-GITLAB-2023-1708

An issue was identified in GitLab CE/EE affecting all versions from 1.0 prior to 15.8.5, 15.9 prior to 15.9.4, and 15.10 prior to 15.10.1 where non-printable characters gets copied from clipboard, allowing unexpected commands to be executed on victim machine...

9.8CVSS7AI score0.01109EPSS
Exploits0References4
OSV
OSV
added 2023/08/14 5:15 a.m.4 views

CVE-2023-3265

An authentication bypass exists on CyberPower PowerPanel Enterprise by failing to sanitize meta-characters from the username, allowing an attacker to login into the application with the default user "cyberpower" by appending a non-printable character.An unauthenticated attacker can leverage this...

9.8CVSS5.8AI score
Exploits0References1
NVD
NVD
added 2023/08/14 5:15 a.m.24 views

CVE-2023-3265

An authentication bypass exists on CyberPower PowerPanel Enterprise by failing to sanitize meta-characters from the username, allowing an attacker to login into the application with the default user "cyberpower" by appending a non-printable character.An unauthenticated attacker can leverage this...

9.8CVSS9.7AI score0.01509EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/08/14 12:0 a.m.5 views

Cyber Power Systems CyberPower PowerPanel Enterprise Security Vulnerability

Cyber Power Systems CyberPower PowerPanel Business Edition is a suite of power management software from Cyber Power Systems, USA. The software automates the shutdown of physical and virtual infrastructures and monitors and manages CyberPower UPS systems and network-connected PDUs Power Distributi...

9.8CVSS6.5AI score0.01509EPSS
Exploits0References2
Rows per page
Query Builder