28 matches found
Privilege Escalation
Overview Affected versions of this package are vulnerable to Privilege Escalation. A vulnerability exists in .NET when deserializing a DataSet or DataTable from XML which may result in elevation of privileges. Remediation Upgrade Microsoft.NETCore.App.Runtime.linux-musl-arm to version 6.0.18, 7.0...
Bento4 缓冲区错误漏洞
Bento4 is an open source C++ library for reading and writing MP4 files. A denial of service vulnerability exists in Bento4 version v1.6.0-639, which stems from the AP4TrunAtom::SetDataOffsetint function in Ap4TrunAtom.h containing a segmentation violation. An attacker can exploit this vulnerabili...
PT-2023-2375 · Liblouis +7 · Liblouis +7
Name of the Vulnerable Software and Affected Versions: Liblouis version 3.24.0 Description: The issue is related to a buffer overflow that can be triggered by a remote attacker, potentially causing a denial of service. This is associated with the compileTranslationTable.c and the lou setDataPath...
Mozilla: Arbitrary file read from GTK drag and drop on Linux
The Mozilla Foundation Security Advisory describes this flaw as: Due to the Firefox GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to DataTransfer.setData...
Mozilla: Arbitrary file read from GTK drag and drop on Linux
The Mozilla Foundation Security Advisory describes this flaw as: Due to the Firefox GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to DataTransfer.setData...
PT-2022-14709 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-12 through Android-13 Description: In the setDataSource function of initMediaExtractor.cpp, there is a possibility of arbitrary code execution due to a use after free. This could lead to local information disclosure...
kernel: memory leak in sof_set_get_large_ctrl_data() function in sound/soc/sof/ipc.c
A flaw was found in the Linux kernel’s sofsetgetlargectrldata function, in the way it handled memory cleanup in a specific error path. A local attacker could use this flaw to crash the system...
exiv2: integer overflow in getData function in preview.cpp
Exiv2 0.26 has integer overflows in LoaderTiff::getData in preview.cpp, leading to an out-of-bounds read in Exiv2::ValueType::setDataArea in value.hpp...