1874 matches found
kernel: net: gso: fix panic on frag_list with mixed head alloc types
In the Linux kernel, the following vulnerability has been resolved: net: gso: fix panic on fraglist with mixed head alloc types Since commit 3dcbdb134f32 "net: gso: Fix skbsegment splat when splitting gsosize mangled skb having linear-headed fraglist", it is allowed to change gsosize of a GRO...
CVE-2023-0856
Buffer overflow in IPP sides attribute process of Office / Small Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. :Satera LBP660C Series/LBP620C Series/MF740C...
CVE-2023-0852
Buffer overflow in the Address Book of Mobile Device function of Office / Small Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. :Satera LBP660C Series/LBP620C...
Authentication flaw
Improper Authentication of RemoteUI of Office / Small Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger unauthorized access to the product. :Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier...
CVE-2023-0852
Buffer overflow in the Address Book of Mobile Device function of Office / Small Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. :Satera LBP660C Series/LBP620C...
CVE-2023-0855
Buffer overflow in IPP number-up attribute process of Office / Small Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. :Satera LBP660C Series/LBP620C Series/MF740C...
UBUNTU-CVE-2023-2617
A vulnerability classified as problematic was found in OpenCV wechatqrcode Module up to 4.7.0. Affected by this vulnerability is the function DecodedBitStreamParser::decodeByteSegment of the file qrcode/decoder/decodedbitstreamparser.cpp. The manipulation leads to null pointer dereference. The...
UBUNTU-CVE-2023-2618
A vulnerability, which was classified as problematic, has been found in OpenCV wechatqrcode Module up to 4.7.0. Affected by this issue is the function DecodedBitStreamParser::decodeHanziSegment of the file qrcode/decoder/decodedbitstreamparser.cpp. The manipulation leads to memory leak. The attac...
OpenCV 代ē é®é¢ę¼ę“
OpenCV is an open source, cross-platform, lightweight computer vision library. A code issue vulnerability exists in the OpenCV wechatqrcode module, which stems from the function DecodedBitStreamParser::decodeByteSegment in the file qrcode/decoder/decodedbitstreamparser.cpp that could lead to null...
OpenCV å®å Øę¼ę“
OpenCV is an open source, cross-platform, lightweight computer vision library. A security vulnerability exists in the OpenCV wechatqrcode module, which originates from the function DecodedBitStreamParser::decodeHanziSegment in the file qrcode/decoder/decodedbitstreamparser.cpp and could lead to a...
kernel: powerpc/64s: Don't use DSISR for SLB faults
In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Don't use DSISR for SLB faults Since commit 46ddcb3950a2 "powerpc/mm: Show if a bad page fault on data is read or write." we use pagefaultiswriteregs-dsisr in badpagefault to determine if the fault is for a read or...
kernel: SUNRPC: Trap RDMA segment overflows
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Trap RDMA segment overflows Prevent svcrdmabuildwrites from walking off the end of a Write chunk's segment array. Caught with KASAN. The test that this fix replaces is invalid, and might have been left over from an earlie...
CVE-2023-29996
In NanoMQ v0.15.0-0, segment fault with Null Pointer Dereference occurs in the process of decoding subinfodecode and unsubinfodecode...
CVE-2021-41803
A flaw was found in HashiCorp Consul, where it is vulnerable to a denial of service caused by improper input validation for the node or segment names. By sending a specially-crafted request, a remote, authenticated attacker can cause a denial of service. Mitigation Mitigation for this issue is...
MaxContribution check can be bypassed to give a card high voting power
Lines of code Vulnerability details Proof of Concept ReraiseETHCrowdfund tries limit the voting power of each card by doing a min/maxContribution check in claim and claimMultiple. uint96 contribution = votingPower 1e4 / exchangeRateBps; uint96 maxContribution = maxContribution; // Check that the...
Malicious code in @12build/segment-js-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 856e63ff9eebaf0c3443eeee789588cf844ca28e1810394d67c01e5f5a4aa601 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
ALPINE-CVE-2023-27102
Libde265 v1.0.11 was discovered to contain a segmentation violation via the function decodercontext::processslicesegmentheader at decctx.cc...
Design/Logic Flaw
Libde265 v1.0.11 was discovered to contain a segmentation violation via the function decodercontext::processslicesegmentheader at decctx.cc...
SUSE CVE-2010-0419
The x86 emulator in KVM 83, when a guest is configured for Symmetric Multiprocessing SMP, does not properly restrict writing of segment selectors to segment registers, which might allow guest OS users to cause a denial of service guest OS crash or gain privileges on the guest OS by leveraging...
SUSE CVE-2010-4165
The dotcpsetsockopt function in net/ipv4/tcp.c in the Linux kernel before 2.6.37-rc2 does not properly restrict TCPMAXSEG aka MSS values, which allows local users to cause a denial of service OOPS via a setsockopt call that specifies a small value, leading to a divide-by-zero error or incorrect u...