The vulnerability of the hypervisor in FreeBSD operating systems allows a hacker to execute arbitrary code.

The vulnerability of the hypervisor in FreeBSD operating systems relates to a single-shift error. Exploiting this vulnerability allows an attacker to execute arbitrary code...

Vulnerabilities of components of the Linux operating system’s kernel, such as IB/hfi1, allow attackers to execute arbitrary code and gain increased privileges.

The vulnerability of the IB/hfi1 components of the Linux operating system’s kernel is related to a single-shift error. Exploiting this vulnerability allows an attacker to execute arbitrary code and increase their privileges...

The vulnerability of the new kernel component in the Linux operating system allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the new kernel component in the Linux operating system is related to a single-shift error. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

CVE-2023-52764 media: gspca: cpia1: shift-out-of-bounds in set_flicker

In the Linux kernel, the following vulnerability has been resolved: media: gspca: cpia1: shift-out-of-bounds in setflicker Syzkaller reported the following issue: UBSAN: shift-out-of-bounds in drivers/media/usb/gspca/cpia1.c:1031:27 shift exponent 245 is too large for 32-bit type 'int' When the...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a shift problem in ufshcdclearcmd...

The vulnerability of the Apache Tomcat application server, related to a single shift error, allows attackers to cause service failures.

The vulnerability of the Apache Tomcat application server is related to a single-shift error. Exploiting this vulnerability can allow an attacker to cause service interruptions remotely...

The vulnerability of the OpenImageIO image processing library, related to a single-shift error, allows attackers to gain access to confidential data.

The vulnerability of the OpenImageIO image processing library is related to a single-shift error. Exploiting this vulnerability could allow an attacker to gain access to confidential data using a distorted RLA file...

The vulnerability of the sdhci.c component of the hardware emulation software QEMU, which allows a hacker to trigger a service failure.

The vulnerability of the sdhci.c component of the QEMU hardware emulator is related to a single-shift error. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

SUSE CVE-2015-1593

The stack randomization feature in the Linux kernel before 3.19.1 on 64-bit platforms uses incorrect data types for the results of bitwise left-shift operations, which makes it easier for attackers to bypass the ASLR protection mechanism by predicting the address of the top of the stack, related ...

The vulnerability of the asn1_encode_simple_der() function in the Libtasn1 library, which allows a hacker to disclose protected information or cause a service failure.

The vulnerability of the asn1encodesimpleder function in the Libtasn1 library is related to a single-shift error. Exploiting this vulnerability could allow an attacker to disclose sensitive information or cause service failures by sending specially crafted data to the application...

GLSA-202210-31 : OpenEXR: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202210-31 OpenEXR: Multiple Vulnerabilities - A flaw was found in OpenEXR's hufDecode functionality. This flaw allows an attacker who can pass a crafted file to be processed by OpenEXR, to trigger an undefined right shift error. T...

OESA-2022-1868 OpenEXR security update

OpenEXR is a high dynamic-range HDR image file format originally developed by Industrial Light & Magic for use in computer imaging applications. Security Fixes: A flaw was found in OpenEXR's hufDecode functionality. This flaw allows an attacker who can pass a crafted file to be processed by...

CVE-2021-20304

A flaw was found in OpenEXR's hufDecode functionality. This flaw allows an attacker who can pass a crafted file to be processed by OpenEXR, to trigger an undefined right shift error. The highest threat from this vulnerability is to system availability...

CVE-2021-20304

A flaw was found in OpenEXR's hufDecode functionality. This flaw allows an attacker who can pass a crafted file to be processed by OpenEXR, to trigger an undefined right shift error. The highest threat from this vulnerability is to system availability...

CVE-2021-20304

OpenEXR contains a vulnerable hufDecode path (CVE-2021-20304). A crafted EXR file can trigger an undefined right-shift error, with the highest impact on availability. Public advisories document affected OpenEXR components and remediation via vendor patches/upgrades. Notably, Amazon Linux 2 ALAS a...

CVE-2021-20304

A flaw was found in OpenEXR's hufDecode functionality. This flaw allows an attacker who can pass a crafted file to be processed by OpenEXR, to trigger an undefined right shift error. The highest threat from this vulnerability is to system availability...

CVE-2021-20304

A flaw was found in OpenEXR's hufDecode functionality. This flaw allows an attacker who can pass a crafted file to be processed by OpenEXR, to trigger an undefined right shift error. The highest threat from this vulnerability is to system availability...

The vulnerability in the implementation of the mode_sense_page() function of the QEMU hardware emulation software allows a intruder to trigger a service failure.

The vulnerability of the modesensepage function implementation in the QEMU hardware emulation software is related to a single-shift error when using the “page” parameter. Exploiting this vulnerability can allow an attacker to cause a system failure...

EulerOS 2.0 SP3 : OpenEXR (EulerOS-SA-2021-2600)

According to the versions of the OpenEXR package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw found in function dataWindowForTile of IlmImf/ImfTiledMisc.cpp. An attacker who is able to submit a crafted file to be processed by OpenE...

EulerOS 2.0 SP5 : OpenEXR (EulerOS-SA-2021-2514)

According to the versions of the OpenEXR package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw found in function dataWindowForTile of IlmImf/ImfTiledMisc.cpp. An attacker who is able to submit a crafted file to be processed by OpenE...