CVE-2024-42458
server.c in Neat VNC aka neatvnc before 0.8.1 does not properly validate the security type, a related issue to CVE-2006-2369...
CVE-2024-42458
Summary: CVE-2024-42458 affects Neat VNC (neatvnc) servers prior to 0.8.1. The issue, tracked in multiple sources, is that server.c does not properly validate the security type, a related problem to CVE-2006-2369. Impact (as stated): high confidentiality, integrity, and availability impact per CV...
OSV-2020-2144 Heap-buffer-overflow in wolfSSH_accept
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=27298 Crash type: Heap-buffer-overflow READ 5 Crash state: wolfSSH_accept server.c...
OSV-2020-2070 Heap-buffer-overflow in wolfSSH_accept
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26332 Crash type: Heap-buffer-overflow READ 5 Crash state: wolfSSH_accept server.c...
Denial Of Service (DoS)
Red Hat Enterprise Linux is vulnerable to denial of service (DoS) attacks. This is because the function dispatch_message_real in journald-server.c does not free the memory allocated by set_iovec_field_free to store the _CMDLINE= entry. A local attacker may use this flaw to make systemd-journald crash...
EulerOS 2.0 SP2 : systemd (EulerOS-SA-2019-1128)
According to the versions of the systemd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - systemd: memory leak in journald-server.c introduced by fix for CVE-2018-16864 (CVE-2019-3815) - systemd: Insufficient input validation in...
OpenSSH sftp-server.c Denial of Service (CVE-2017-15906)
A denial of service vulnerability has been reported in OpenSSH. The vulnerability is due to improper restriction of write access when in read-only mode within sftp-server.c. A remote attacker could exploit this vulnerability by sending crafted requests to a vulnerable server...
Oracle Linux 7 : systemd (ELSA-2019-0201)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-0201 advisory. 219-62.0.4 - do not create utmp update symlinks for reboot and poweroff Orabug: 27854896 - OL7 udev rule for virtio net standby interface Orabug: 28826743 - fix...
CVE-2019-3815
CVE-2019-3815 is a memory‑leak issue in the journald component introduced via backport of fixes for CVE-2018-16864. The flaw is in dispatch_message_real() in journald-server.c, which does not free memory allocated for the _CMDLINE= entry (set_iovec_field_free). A local attacker could crash system...
Low: openssh
Issue Overview: Improper write operations in readonly mode allow for zero-length file creation. The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files. CVE-2017-15906 Affected...
Psensor 'create_response' function directory traversal vulnerability
Psensor is a Linux-based open source visualization software for probing hardware temperature. A directory traversal vulnerability exists in the 'create_response' function of the server/server.c file in versions of Psensor prior to 1.1.4, which stems from the program's failure to detect whether a...
Directory traversal
The create_response function in server/server.c in Psensor before 1.1.4 allows Directory Traversal because it lacks a check for whether a file is under the webserver directory...
BSA-2018-538
Security Advisory ID: BSA-2018-538. Component: OpenSSH. Revision: 2.0: Final. The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files. Affected Products Security updates have be...
CVE-2017-15906
The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files...
CVE-2017-15906
OpenSSH sftp-server.c contains a write-blocking flaw in readonly mode that can let an attacker create zero-length files. Specifically, the process_open function in sftp-server.c mishandles write operations when in read-only mode, affecting OpenSSH versions prior to 7.6. The vulnerability ...