SUSE CVE-2019-1010024

GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat...

SUSE CVE-2021-26323

Failure to validate SEV Commands while SNP is active may result in a potential impact to memory integrity...

SUSE CVE-2022-29162

runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 where runc exec --cap created processes with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling...

SUSE CVE-2022-42932

Mozilla developers Ashley Hale and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 105 and Firefox ESR 102.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This...

AZL-13589 CVE-2023-23934 affecting package python-werkzeug for versions less than 2.2.3-1

Werkzeug is a comprehensive WSGI web application library. Browsers may allow "nameless" cookies that look like =value instead of key=value. A vulnerable browser may allow a compromised application on an adjacent subdomain to exploit this to set a cookie like =Host-test=bad for another subdomain...

SUSE-SU-2023:0410-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP1 kernel was updated receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-3107: Fixed missing check of return value of kvmallocarray bnc1206395. - CVE-2022-3108: Fixed missing check of return value of kmemdup bnc1206389. -...

CVE-2023-0151

CVE-2023-0151 affects the WordPress plugin uTubeVideo Gallery prior to version 2.0.8. The vulnerability arises from insufficient validation and escaping of shortcode attributes, which can be reflected in pages/posts where the shortcode is embedded. This can allow a user with the Contributor role ...

off-by-one error in function gf_text_get_utf8_line filters/load_text.c

Version MP4Box - GPAC version 2.3-DEV-rev40-g3602a5ded-master c 2000-2023 Telecom Paris distributed under LGPL v2.1+ - http://gpac.io Please cite our work in your research: GPAC Filters: https://doi.org/10.1145/3339825.3394929 GPAC: https://doi.org/10.1145/1291233.1291452 GPAC Configuration:...

vibber.com Cross Site Scripting vulnerability OBB-3186206

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Cipher.update_into can corrupt memory if passed an immutable python object as the outbuf

Previously, Cipher.updateinto would accept Python objects which implement the buffer protocol, but provide only immutable buffers: pycon outbuf = b"\x00" 32 c = ciphers.CipherAESb"\x00" 32, modes.ECB.encryptor c.updateintob"\x00" 16, outbuf 16 outbuf...

GHSA-3W9W-9833-GCPV Security bug in ConvertToSinglePlane when used with untrusted content from the DDS loader

Impact A memory overwrite bug was reported by a security researcher in the ConvertToSinglePlane method via the texconv command-line tool when given an invalid height for planar video textures such as NV12. This can be a potential security bug for any clients of the library who follow the same...

Security bug in ConvertToSinglePlane when used with untrusted content from the DDS loader

Impact A memory overwrite bug was reported by a security researcher in the ConvertToSinglePlane method via the texconv command-line tool when given an invalid height for planar video textures such as NV12. This can be a potential security bug for any clients of the library who follow the same...

IDOR vulnerability allowing to update another user's annotations

Description IDOR vulnerability was discovered in wallabag. Proof of Concept 1. Login as a victim. 2. Create an entry and an annotation. In this case the annotation's ID is 3. 3. Login as an attacker. 4. Send the following request. request http PUT /annotations/3 HTTP/1.1 Host: localhost:8000...

GSD-2023-1001063 i2c: ismt: Fix an out-of-bounds bug in ismt_access()

i2c: ismt: Fix an out-of-bounds bug in ismtaccess This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.86 by commit...

PT-2023-33473 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.18 Description: A bug exists in the ext4 file system, specifically in the ext4 clu mapped function for bigalloc and inline configurations. The actual impact and potential for attack have not been proven yet...

a12nserver vulnerable to potential SQL Injections via Knex dependency

Impact Users of a12nserver that use MySQL might be vulnerable to SQL injection bugs. If you use a12nserver and MySQL, update as soon as possible. This SQL injection bug might let an attacker obtain OAuth2 Access Tokens for users unrelated to those that permitted OAuth2 clients. Patches The knex...

Important: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

RLSA-2023:0099 Moderate: virt:rhel and virt-devel:rhel security and bug fix update

Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:Rocky Linux module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting wi...

USN-5786-1 nautilus vulnerability

It was discovered that GNOME Files incorrectly handled certain filenames. An attacker could possibly use this issue to cause GNOME Files to crash, leading to a denial of service...

RCE in Wordnet Browser

Description A user who visits a malicious link with wordnet browser open will execute code on system Proof of Concept Visit http://localhost:8000/lookupgASVKwAAAAAAAACMBXBvc2l4lIwGc3lzdGVtlJOUjBB0b3VjaCAvdG1wL1BXTkVElIWUUpQu The base64 is created from import pickle import sys import base64...