postgresql: PostgreSQL oidvector discloses a few bytes of memory

A type validation flaw has been discovered in postgresql. Improper validation of the type "oidvector" in PostgreSQL allows a database user to disclose a few bytes of server memory. It is possible that this may expose confidential information but it is unlikely...

GHSA-96PC-27RX-PR36 ImageMagick has Possible Heap Information Disclosure in PSD ZIP Decompression

Description A heap information disclosure vulnerability exists in ImageMagick's PSD Adobe Photoshop format handler. When processing a maliciously crafted PSD file containing ZIP-compressed layer data that decompresses to less than the expected size, uninitialized heap memory is leaked into the...

Untrusted data fed into `Data.init(base32Encoded:)` can result in exposing server memory and/or crash

A bug in the Data.initbase32Encoded: function opens up the potential for exposing server memory and/or crashing the server Denial of Service for applications where untrusted data can end up in said function. Vapor does not currently use this function itself so this only impact applications that u...

UBUNTU-CVE-2022-32742

A flaw was found in Samba. Some SMB1 write requests were not correctly range-checked to ensure the client had sent enough data to fulfill the write, allowing server memory contents to be written into the file or printer instead of client-supplied data. The client cannot control the area of the...

CVE-2016-3065

The 1 brinpagetype and 2 brinmetapageinfo functions in the pageinspect extension in PostgreSQL before 9.5.x before 9.5.2 allows attackers to bypass intended access restrictions and consequently obtain sensitive server memory information or cause a denial of service server crash via a crafted byte...