PT-2023-14929 · Fp.Io · Fp.Io Vpp

Name of the Vulnerable Software and Affected Versions: FP.io VPP Vector Packet Processor versions 19.04 through 22.10 Description: The issue is related to the generation of a predictable IV with CBC mode. This affects a wide range of versions of the FP.io VPP Vector Packet Processor...

CVE-2022-46397

CVE-2022-46397 affects FP.io VPP (Vector Packet Processor) versions 19.04 through 22.10. The issue is the generation of a predictable IV when using CBC mode, which is the underlying root cause. Impact described in sources points to high confidentiality impact with no explicit effects on integrity...

Mageia: Security Advisory (MGASA-2023-0008)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the presence of an Execution Behavior Attack problem, which could be exploited by an attacker to potentially...

cifar-10-model (=7.4.0), gamornet-cpu (>=0.2.3 <=0.4.3) +8 more potentially affected by CVE-2023-25801 via tensorflow-cpu (>=1.15.0 <=2.11.0)

tensorflow-cpu PYPI version =1.15.0, =0.2.3, =0.0.5, =1.0.0, =1.8.2, =0.1.3, =0.3.0.dev221212, =0.7.0, =0.7.5 Source cves: CVE-2023-25801 Source advisory: OSV:GHSA-F49C-87JH-G47Q...

CVE-2023-1370

Json-smart is a performance focused, JSON processor lib. When reaching a ‘‘ or ‘‘ character in the JSON input, the code parses an array or an object respectively. It was discovered that the code does not have any limit to the nesting of such arrays or objects. Since the parsing of nested arrays a...

CVE-2023-1370

Json-smart is a performance focused, JSON processor lib. When reaching a ‘‘ or ‘‘ character in the JSON input, the code parses an array or an object respectively. It was discovered that the code does not have any limit to the nesting of such arrays or objects. Since the parsing of nested arrays a...

CVE-2023-1370

Json-smart is a performance focused, JSON processor lib. When reaching a ‘‘ or ‘‘ character in the JSON input, the code parses an array or an object respectively. It was discovered that the code does not have any limit to the nesting of such arrays or objects. Since the parsing of nested arrays a...

Stack overflow

Json-smart is a performance focused, JSON processor lib. When reaching a ‘‘ or ‘‘ character in the JSON input, the code parses an array or an object respectively. It was discovered that the code does not have any limit to the nesting of such arrays or objects. Since the parsing of nested arrays a...

The vulnerability of the AMD Ryzen Master utility for adjusting AMD Ryzen processors allows a hacker to increase their privileges.

The vulnerability of the AMD Ryzen Master tool for adjusting AMD Ryzen processors is related to access control deficiencies. Exploiting this vulnerability can allow attackers to enhance their privileges...

Medium: microcode_ctl

Issue Overview: Improper access control for some 3rd Generation IntelR XeonR Scalable Processors before BIOS version MR7, may allow a local attacker to potentially enable information disclosure via local access. CVE-2021-33117 add CVE-2022-0005 A flaw was found in hw. Improper access control for...

UBUNTU-CVE-2023-28428

PDFio is a C library for reading and writing PDF files. In versions 1.1.0 and prior, a denial of service vulnerability exists in the pdfio parser. Crafted pdf files can cause the program to run at 100% utilization and never terminate. This is different from CVE-2023-24808. A patch for this issue ...

go-yaml: Improve heuristics preventing CPU/memory abuse by parsing malicious or large YAML documents

A flaw was found in go-yaml. This issue causes the consumption of excessive amounts of CPU or memory when attempting to parse a large or maliciously crafted YAML document...

kernel: net: CPU soft lockup in TC mirred egress-to-ingress action

A flaw was found in the Linux kernel Traffic Control TC subsystem. Using a specific networking configuration redirecting egress packets to ingress using TC action "mirred" a local unprivileged user could trigger a CPU soft lockup ABBA deadlock when the transport protocol in use TCP or SCTP does a...

March 14, 2023—KB5023697 (OS Build 14393.5786) - EXPIRED

March 14, 2023—KB5023697 OS Build 14393.5786 - EXPIRED EXPIRATION NOTICEIMPORTANT As of March 31, 2026, this update is no longer available from the Microsoft Update Catalog or other release channels. We recommend that you update your devices to the latest version of Windows. --- 1/10/23 REMINDER ...

CVE-2023-1370 Stack exhaustion in json-smart leads to denial of service when parsing malformed JSON

Json-smart is a performance focused, JSON processor lib. When reaching a ‘‘ or ‘‘ character in the JSON input, the code parses an array or an object respectively. It was discovered that the code does not have any limit to the nesting of such arrays or objects. Since the parsing of nested arrays a...

CVE-2023-1370

Json-smart is a performance focused, JSON processor lib. When reaching a ‘‘ or ‘‘ character in the JSON input, the code parses an array or an object respectively. It was discovered that the code does not have any limit to the nesting of such arrays or objects. Since the parsing of nested arrays a...

CVE-2023-1370

The CVE-2023-1370 entry concerns Netplex Json-smart, a JSON processing library. Public materials in the connected docs confirm a stack-exhaustion (DoS) due to unbounded nesting when parsing nested arrays/objects in JSON input, caused by recursive parsing. Affected version range is 2.5.0 through 2...

CVE-2022-33256

Memory corruption due to improper validation of array index in Multi-mode call processor...

Memory corruption

Memory corruption due to improper validation of array index in Multi-mode call processor...