PYSEC-2023-320

WebAssembly wabt 1.0.33 contains an Out-of-Bound Memory Write in DataSegment::Drop, which lead to segmentation fault...

UBUNTU-CVE-2023-46332

WebAssembly wabt 1.0.33 contains an Out-of-Bound Memory Write in DataSegment::Drop, which lead to segmentation fault...

WebAssembly Buffer Error Vulnerability

WebAssembly is a binary instruction format for stack-based virtual machines from WebAssembly. A security vulnerability exists in WebAssembly wabt version 1.0.33, which stems from a memory overflow vulnerability in the function DataSegment::Drop...

The vulnerability of the Suricata intrusion detection and prevention system, related to the occurrence of interpretation conflicts, allows an intruder to bypass or neutralize any signature based on the TCP protocol.

The vulnerability of the Suricata intrusion detection and prevention system is related to the occurrence of interpretation conflicts. Exploiting this vulnerability allows a remote attacker to bypass or neutralize any TCP-based signature, by intercepting the TCP segment...

CVE-2023-38250 Adobe Commerce | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') (CWE-89)

Adobe Commerce versions 2.4.7-beta1 and earlier, 2.4.6-p2 and earlier, 2.4.5-p4 and earlier and 2.4.4-p5 and earlier are affected by an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability that could lead in arbitrary code execution by an admin-privileg...

CVE-2023-36841

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine pfe of Juniper Networks Junos OS on MX Series allows a unauthenticated network-based attacker to cause an infinite loop, resulting in a Denial of Service DoS. An attacker who sends malformed TCP...

Oracle Linux 5 : kvm (ELSA-2010-0271)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2010-0271 advisory. - Resolves: bz563465 EMBARGOED CVE-2010-0419 kvm: emulator privilege escalation segment selector check rhel-5.5 -...

Noticing exceptionally high current client connections for a single server within the service group

Go check Load Balance Virtual Server's Statistics data, under theBound Service Group Members Summary tab,you've observed that the Current client connection count of specific server is significantly higher than the other servers within the same service group. In NS shell mode, "nsconmsg ConLb=2...

Vulnerability of the zgfx_decompress_segment() function in the RDP client FreeRDP, allowing a hacker to trigger a service failure

The vulnerability of the zgfxdecompresssegment function in the RDP client FreeRDP is related to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

DEBIAN-CVE-2023-40181

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an Integer-Underflow leading to Out-Of-Bound Read in the zgfxdecompresssegment function. In the context of CopyMemory, it's possible to read data beyond the...

UBUNTU-CVE-2023-40181

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an Integer-Underflow leading to Out-Of-Bound Read in the zgfxdecompresssegment function. In the context of CopyMemory, it's possible to read data beyond the...

FreeRDP 数字错误漏洞

FreeRDP is an open source implementation of the Remote Desktop Protocol RDP from the FreeRDP team. FreeRDP suffers from a numeric error vulnerability that stems from an integer overflow in the zgfxdecompresssegment function that results in an out-of-bounds read...

UBUNTU-CVE-2020-21528

A Segmentation Fault issue discovered in in ieeesegment function in outieee.c in nasm 2.14.03 and 2.15 allows remote attackers to cause a denial of service via crafted assembly file...

nasm 安全漏洞

Nasm is an open source programming tool software by The Nasm Development Team team. A security vulnerability exists in nasm versions 2.14.03 and 2.15, which stems from a segmentation error in the ieeesegment function of outieee.c. The vulnerability is caused by a bug in the outieee.c function...

CVE-2023-31447

userlogin.cgi on Draytek Vigor2620 devices before 3.9.8.4 and on all versions of Vigor2925 devices allows attackers to send a crafted payload to modify the content of the code segment, insert shellcode, and execute arbitrary code...

PT-2025-53049

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.5.0-rc5-next-20230809-syzkaller Description A missing check in virtio net hdr to skb allowed a kernel crash. Specifically, the issue arises when gso size is set to GSO BY FRAGS 0xffff, a magic value used...

PT-2023-4664 · Freerdp +8 · Freerdp +8

Name of the Vulnerable Software and Affected Versions: FreeRDP versions prior to 2.11.0 FreeRDP versions prior to 3.0.0-beta3 Description: The issue is related to an Integer-Underflow leading to Out-Of-Bound Read in the zgfx decompress segment function. In the context of CopyMemory, it's possible...

USN-6259-1 open-iscsi vulnerabilities

Jos Wetzels, Stanislav Dashevskyi, and Amine Amri discovered that Open-iSCSI incorrectly handled certain checksums for IP packets. An attacker could possibly use this issue to expose sensitive information. CVE-2020-13987 Jos Wetzels, Stanislav Dashevskyi, Amine Amri discovered that Open-iSCSI...

CVE-2023-20891

The VMware Tanzu Application Service for VMs and Isolation Segment contain an information disclosure vulnerability due to the logging of credentials in hex encoding in platform system audit logs. A malicious non-admin user who has access to the platform system audit logs can access hex encoded CF...

CVE-2023-20891 VMware Tanzu Application Service for VMs and Isolation Segment information disclosure vulnerability

The VMware Tanzu Application Service for VMs and Isolation Segment contain an information disclosure vulnerability due to the logging of credentials in hex encoding in platform system audit logs. A malicious non-admin user who has access to the platform system audit logs can access hex encoded CF...