kernel: lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow

A buffer overflow write flaw was identified in seqbufputmemhex in lib/seqbuf.c in seqbuf in the Linux Kernel. This issue may allow a user with special debug privileges such as ftrace or root to cause an overflow in the destination buffer due to a missing sanity check...

The vulnerability of the MPEG12_ParseSeqHdr function (media_tools/mpeg2_ps.c) in the GPAC multimedia platform allows a perpetrator to trigger a service failure.

The vulnerability of the MPEG12ParseSeqHdr function mediatools/mpeg2ps.c in the GPAC multimedia platform is related to reading beyond the memory boundaries. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVE-2023-38195

Datalust Seq before 2023.2.9489 allows insertion of sensitive information into an externally accessible file or directory. This is exploitable only when external SQL Server or PostgreSQL metadata storage is used. Exploitation can only occur from a high-privileged user account...

CVE-2023-38195

Datalust Seq before 2023.2.9489 allows insertion of sensitive information into an externally accessible file or directory. This is exploitable only when external SQL Server or PostgreSQL metadata storage is used. Exploitation can only occur from a high-privileged user account...

Design/Logic Flaw

Datalust Seq before 2023.2.9489 allows insertion of sensitive information into an externally accessible file or directory. This is exploitable only when external SQL Server or PostgreSQL metadata storage is used. Exploitation can only occur from a high-privileged user account...

PT-2023-26331 · Datalust +1 · Datalust Seq +1

Name of the Vulnerable Software and Affected Versions: Datalust Seq versions prior to 2023.2.9489 Description: The issue allows insertion of sensitive information into an externally accessible file or directory. This can be exploited when external metadata storage, such as SQL Server or PostgreSQ...

Datalust Seq 安全漏洞

Datalust Seq is a logging server from Datalust Australia. It is used to speed up diagnostics in complex, asynchronous and distributed applications. A security vulnerability exists in Datalust Seq versions prior to 2023.2.9489, which stems from allowing sensitive information to be inserted into...

CVE-2023-38195

Datalust Seq before 2023.2.9489 allows insertion of sensitive information into an externally accessible file or directory. This is exploitable only when external SQL Server or PostgreSQL metadata storage is used. Exploitation can only occur from a high-privileged user account...

CVE-2023-38195

Datalust Seq before 2023.2.9489 allows insertion of sensitive information into an externally accessible file or directory. This is exploitable only when external SQL Server or PostgreSQL metadata storage is used. Exploitation can only occur from a high-privileged user account...

CVE-2023-38195

Datalust Seq versions prior to 2023.2.9489 are affected. The issue allows insertion of sensitive information into externally accessible files or directories when external metadata storage (SQL Server or PostgreSQL) is used, and exploitation requires a high-privilege user. Remediation: upgrade to ...

CLSA-2023-1686651204 kernel: Fix of 25 CVEs

cgroup: Use open-time cgroup namespace for process migration perm checks CVE-2021-4197 - cgroup: Use open-time credentials for process migraton perm checks CVE-2021-4197 - vt: drop old FONT ioctls CVE-2021-33656 - fbmem: Check virtual screen sizes in fbsetvar CVE-2021-33655 - fbcon: Prevent that...

DEBIAN-CVE-2023-28772

An issue was discovered in the Linux kernel before 5.13.3. lib/seqbuf.c has a seqbufputmemhex buffer overflow...

K03564319: Linux kernel vulnerability CVE-2018-7566

Security Advisory Description The Linux kernel 4.15 has a Buffer Overflow via an SNDRVSEQIOCTLSETCLIENTPOOL ioctl write operation to /dev/snd/seq by a local user. CVE-2018-7566 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product...

SUSE CVE-2016-2543

The sndseqioctlremoveevents function in sound/core/seq/seqclientmgr.c in the Linux kernel before 4.4.1 does not verify FIFO assignment before proceeding with FIFO clearing, which allows local users to cause a denial of service NULL pointer dereference and OOPS via a crafted ioctl call...

GSD-2023-1000362 ALSA: seq: Fix function prototype mismatch in snd_seq_expand_var_event

ALSA: seq: Fix function prototype mismatch in sndseqexpandvarevent This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.302 by commit...

GSD-2023-1000331 ALSA: seq: Fix function prototype mismatch in snd_seq_expand_var_event

ALSA: seq: Fix function prototype mismatch in sndseqexpandvarevent This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.269 by commit...

GSD-2023-1000290 ALSA: seq: Fix function prototype mismatch in snd_seq_expand_var_event

ALSA: seq: Fix function prototype mismatch in sndseqexpandvarevent This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.227 by commit...

GSD-2023-1000230 ALSA: seq: Fix function prototype mismatch in snd_seq_expand_var_event

ALSA: seq: Fix function prototype mismatch in sndseqexpandvarevent This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.159 by commit...

Datalust Seq Authentication Bypass (CVE-2018-8096)

An authentication bypass vulnerability exists in Datalust Seq. Successful exploitation of this vulnerability would allow remote attackers to gain unauthorized access into the affected system...

GSD-2022-1005702 ALSA: seq: Fix data-race at module auto-loading

ALSA: seq: Fix data-race at module auto-loading This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.142 by commit...