10 matches found
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, caused by a type confusion in the l2capecredreconfrsp function. This vulnerability may lead to valid packets being...
MiracleLinux 7 : httpd24-nghttp2-1.7.1-7.el7, httpd24-curl-7.61.1-1.el7, httpd24-httpd-2.4.34-7.el7 (AXSA:2019-3739:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-3739:01 advisory. httpd: Improper handling of headers in modsession can allow a remote user to modify session data for CGI applications CVE-2018-1283 httpd: Out of...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from a page error in Apple firmware code when reading db and dbx efi variables on Apple T2 Macs...
PT-2025-1172 · Microsoft · Windows Digital Media +1
Name of the Vulnerable Software and Affected Versions: Windows Digital Media affected versions not specified Description: The issue is related to a component of the Windows operating system, specifically Digital Media, and involves a memory reading error beyond the allowed range. This can...
The vulnerability of the netfilter component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the netfilter component in the Linux operating system’s kernel is related to errors in boundary-filling reading in the decodeseq function. Exploiting this vulnerability can allow an attacker to cause a service failure...
httpd: mod_proxy: HTTP response splitting
A flaw was found in the modproxy module of httpd. A malicious backend can cause the response headers to be truncated because they are not cleaned when an error is found while reading them, resulting in some headers being incorporated into the response body and not being interpreted by a client...
CVE-2022-30780
Lighttpd 1.4.56 through 1.4.58 allows a remote attacker to cause a denial of service CPU consumption from stuck connections because connectionreadheadermore in connections.c has a typo that disrupts use of multiple read operations on large headers...
PT-2022-3459 · Pillow · Pillow
Name of the Vulnerable Software and Affected Versions: Pillow version 9.1.0 Description: The issue is related to a heap buffer overflow in the processing of invalid TGA image files. This can be exploited by a remote attacker to impact the confidentiality, integrity, and availability of protected...
The vulnerability of the executable file Def.exe in the interactive graphical SCADA system Interactive Graphical SCADA System (IGSS) allows a intruder to perform arbitrary actions.
The vulnerability of the executable file Def.exe in the interactive graphical SCADA system Interactive Graphical SCADA System IGSS relates to reading data beyond the buffer in memory. Exploiting this vulnerability could allow a attacker to execute arbitrary code...
abyss.txt
Application: Abyss Webserver http://www.aprelium.com Versions: X1 v 1.1.2 Platform: Windows and Linux Bug: Crash caused by the reading of an unreacheable memory zone Risk: Remote crash Author: Auriemma Luigi e-mail: [email protected] web: http://www.pivx.com/luigi/ 1 Introduction 2 Bug 3 The Code 4...