Xpdf 缓冲区错误漏洞

Xpdf is a free PDF viewer and toolkit from Xpdf, including a text extractor, image converter, HTML converter, and more. A security vulnerability exists in Xpdf versions 4.05 and earlier, which stems from a long Unicode sequence in ActualText that could result in out-of-bounds array writes...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the fact that hsrgetskbsequencenr reads an invalid value as the sequence number if the packet type ID field ...

PT-2024-28315

Name of the Vulnerable Software and Affected Versions Xpdf versions 4.05 and earlier Description The issue is an out-of-bounds array write triggered by a long Unicode sequence in ActualText. This can potentially lead to exploitation. Recommendations For Xpdf versions 4.05 and earlier, consider...

ROS-20240412-02

A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process and remove an arbitrary number of SSH service messages. during the connection negotiation process and cause an arbitrary number of SSH service...

DEBIAN-CVE-2021-47198

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix use-after-free in lpfcunregrpi routine An error is detected with the following report when unloading the driver: "KASAN: use-after-free in lpfcunregrpi+0x1b1b" The NLPREGLOGINSEND nlpflag is set in...

Escape Sequence Injection

util-linux is vulnerable to Escape Sequence Injection. The vulnerability is due to escape sequences being allowed to be sent to other users' terminals through argv, especially when util-linux is often installed with setgid tty permissions, potentially leading to account takeover scenarios...

Predictable TCP ISNs in EDK II Network Package

...

ROS-20240408-25

A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process and remove an arbitrary number of SSH service messages. during the connection negotiation process and cause an arbitrary number of SSH service...

ROS-20240408-15

A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process and remove an arbitrary number of SSH service messages. during the connection negotiation process and cause an arbitrary number of SSH service...

ROS-20240408-23

A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process and remove an arbitrary number of SSH service messages. during the connection negotiation process and cause an arbitrary number of SSH service...

ssh: Prefix truncation attack on Binary Packet Protocol (BPP)

A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...

ssh: Prefix truncation attack on Binary Packet Protocol (BPP)

A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...

ssh: Prefix truncation attack on Binary Packet Protocol (BPP)

A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...

CVE-2024-27201

An improper input validation vulnerability exists in the OAS Engine User Configuration functionality of Open Automation Software OAS Platform V19.00.0057. A specially crafted series of network requests can lead to unexpected data in the configuration. An attacker can send a sequence of requests t...

The vulnerability of the box_equal() function in the virtuoso-opensource web application development platform allows a attacker to trigger a service failure.

The vulnerability of the boxequal function in the virtuoso-opensource web application development platform is related to the incorrect implementation of the sequence of actions to be performed. Exploiting this vulnerability could allow a malicious actor to cause a service failure after executing...

CVE-2024-26670 arm64: entry: fix ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD

In the Linux kernel, the following vulnerability has been resolved: arm64: entry: fix ARM64WORKAROUNDSPECULATIVEUNPRIVLOAD Currently the ARM64WORKAROUNDSPECULATIVEUNPRIVLOAD workaround isn't quite right, as it is supposed to be applied after the last explicit memory access, but is immediately...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a delayed ACK that does not set a reference sequence number...

PT-2024-24377 · Libyaml · Libyaml

Name of the Vulnerable Software and Affected Versions: libyaml versions up to 0.2.5 Description: A critical vulnerability was found in libyaml, affecting the yaml emitter emit flow sequence item function. This issue leads to a heap-based buffer overflow and may be exploited remotely. The exploit...

CVE-2024-21452

CVE-2024-21452 affects Qualcomm chipsets and involves a transient Denial of Service during decoding of an ASN.1 OER message that contains a SEQUENCE of unknown extensions. Root cause is not detailed in the provided documents beyond the ASN.1/OER decoding context; the CVSS metrics indicate HIGH im...

CVE-2024-21452 Improper Input Validation in Automotive Telematics

Transient DOS while decoding an ASN.1 OER message containing a SEQUENCE of unknown extensions...