11 matches found
Oracle Linux 10 : ELSA-2025-20478-0: / zziplib (ELSA-2025-204780)
The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-204780 advisory. 0.13.78-2 - Fix directory traversal in unzip binary - Disable the CVE tests during the check phase - the reproducers for these are downloaded from the github...
CVE-2024-53071
In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Be stricter about IO mapping flags The current panthordevicemmapio implementation has two issues: 1. For mapping DRMPANTHORUSERFLUSHIDMMIOOFFSET, panthordevicemmapio bails if VMWRITE is set, but does not clear...
SUSE-SU-2024:2105-1 Security update for hdf5
This update for hdf5 fixes the following issues: - Fix various security issues in hdf5 bsc1224158: CVE-2024-29158, CVE-2024-29161, CVE-2024-29166, CVE-2024-32608, CVE-2024-32610, CVE-2024-32614, CVE-2024-32619, CVE-2024-32620, CVE-2024-33873, CVE-2024-33874, CVE-2024-33875 - Additionally, these...
CVE-2021-47280 drm: Fix use-after-free read in drm_getunique()
In the Linux kernel, the following vulnerability has been resolved: drm: Fix use-after-free read in drmgetunique There is a time-of-check-to-time-of-use error in drmgetunique due to retrieving filepriv-master prior to locking the device's master mutex. An example can be seen in the crash report o...
CVE-2023-52528
In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Fix uninit-value access in smsc75xxreadreg syzbot reported the following uninit-value access issue: ===================================================== BUG: KMSAN: uninit-value in smsc75xxwaitready...
CVE-2023-29416
An issue was discovered in libbzip3.a in bzip3 before 1.3.0. A bz3decodeblock out-of-bounds write can occur with a crafted archive because bzip3 does not follow the required procedure for interacting with libsais...
postgis:wkb_import_fuzzer: Heap-buffer-overflow in byte_from_wkb_state
Project: https://git.osgeo.org/gitea/postgis/postgis.git Detailed Report: https://oss-fuzz.com/testcase?key=5686969597689856 Project: postgis Fuzzing Engine: afl Fuzz Target: wkbimportfuzzer Job Type: aflasanpostgis Platform Id: linux Crash Type: Heap-buffer-overflow READ 1 Crash Address:...
Exploits
Exploits Containing Self Made Perl Reproducers / PoC Codes -...
openSUSE Security Update : icedtea-web (openSUSE-SU-2013:1509-1)
This icedtea-web update fixes several security issues. Changes in icedtea-web : - update to 1.4.1 bnc840572 - Improved and cleaned Temporary internet files panel - NetX - PR1465 - java.io.FileNotFoundException while trying to download a JAR file - PR1473 - javaws should not depend on name of loca...
Fedora 19 : icedtea-web-1.4.1-0.fc19 (2013-17026)
Updated to icedtea-web 1.4.1 New in release 1.4.1 2013-XX-YY : - Improved and cleaned Temporary internet files panel - PR1465 - java.io.FileNotFoundException while trying to download a JAR file - PR1473 - javaws should not depend on name of local file - PR854: Resizing an applet several times...
CVE-2013-1789
splash/Splash.cc in poppler before 0.22.1 allows context-dependent attackers to cause a denial of service NULL pointer dereference and crash via vectors related to the 1 Splash::arbitraryTransformMask, 2 Splash::blitMask, and 3 Splash::scaleMaskYuXu functions...