13 matches found
Astra Linux - уязвимость в chromium
In WebAudio, operations of reading and writing data outside of the allowed range in Google Chrome before version 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
AZL-27208 CVE-2022-25883 affecting package nodejs18 for versions less than 18.16.0-3
Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service ReDoS via the function new Range, when untrusted user data is provided as a range...
AZL-45168 CVE-2022-25883 affecting package nodejs-nodemon 2.0.3-5
Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service ReDoS via the function new Range, when untrusted user data is provided as a range...
SUSE CVE-2012-3961
Use-after-free vulnerability in the RangeData implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service heap...
SUSE CVE-2015-2686
net/socket.c in the Linux kernel 3.19 before 3.19.3 does not validate certain range data for 1 sendto and 2 recvfrom system calls, which allows local users to gain privileges by leveraging a subsystem that uses the copyfromiter function in the ioviter interface, as demonstrated by the Bluetooth...
Buffer overflow
An outbound read/write vulnerability exists in XPLATFORM that does not check offset input ranges, allowing out-of-range data to be read. An attacker can exploit arbitrary code execution...
glibc: Segmentation fault caused by passing out-of-range data to strftime()
It was found that out-of-range time values passed to the strftime function could result in an out-of-bounds memory access. This could lead to application crash or, potentially, information disclosure...
CVE-2015-2686
net/socket.c in the Linux kernel 3.19 before 3.19.3 does not validate certain range data for 1 sendto and 2 recvfrom system calls, which allows local users to gain privileges by leveraging a subsystem that uses the copyfromiter function in the ioviter interface, as demonstrated by the Bluetooth...
CVE-2015-2686
net/socket.c in the Linux kernel 3.19 before 3.19.3 does not validate certain range data for 1 sendto and 2 recvfrom system calls, which allows local users to gain privileges by leveraging a subsystem that uses the copyfromiter function in the ioviter interface, as demonstrated by the Bluetooth...
CVE-2015-2686
net/socket.c in the Linux kernel 3.19 before 3.19.3 does not validate certain range data for 1 sendto and 2 recvfrom system calls, which allows local users to gain privileges by leveraging a subsystem that uses the copyfromiter function in the ioviter interface, as demonstrated by the Bluetooth...
Microsoft Office Publisher Remote Code Execution Vulnerability (2830397)
This host is missing an important security update according to Microsoft Bulletin MS13-042. OpenVAS Vulnerability Test $Id: secpodms13-042.nasl 6115 2017-05-12 09:03:25Z teissa $ Microsoft Office Publisher Remote Code Execution Vulnerability 2830397 Authors: Antu Sanadi Copyright: Copyright c 201...
Mozilla: Multiple Use-after-free issues (MFSA 2012-58)
Use-after-free vulnerability in the RangeData implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service heap...
Mozilla: Multiple Use-after-free issues (MFSA 2012-58)
Use-after-free vulnerability in the RangeData implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service heap...