1833 matches found
PT-2023-33116 Ā· Linux Ā· Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.13 Description: The issue concerns a shift-out-of-bounds problem in the hid report raw event function. This problem was introduced in version v2.6.20 and is fixed in version v6.0.13. The actual impact and...
PT-2023-33356 Ā· Linux Ā· Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.227 Description: The issue concerns a shift-out-of-bounds problem in the hid report raw event function. This problem was introduced in version v2.6.20 and fixed in version v5.4.227. The actual impact and...
EulerOS Virtualization 3.0.2.6 : expat (EulerOS-SA-2023-1060)
According to the versions of the expat packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc...
EulerOS Virtualization 2.10.0 : sudo (EulerOS-SA-2022-2921)
According to the versions of the sudo package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Protobuf-c v1.4.0 was discovered to contain an invalid arithmetic shift via the function parsetagandwiretype in...
CVE-2022-31745
If array shift operations are not used, the Garbage Collector may have become confused about valid objects. This vulnerability affects Firefox 101...
Code injection
If array shift operations are not used, the Garbage Collector may have become confused about valid objects. This vulnerability affects Firefox 101...
CVE-2022-31745
If array shift operations are not used, the Garbage Collector may have become confused about valid objects. This vulnerability affects Firefox 101...
CVE-2022-31745
CVE-2022-31745 affects Mozilla Firefox older than 101.0. The issue arises when array shift operations are not used, potentially confusing the Garbage Collector about valid objects, leading to memory corruption and a potentially exploitable crash. The CVSS v3.1 base score is 4.3 (Medium). Mitigati...
CVE-2022-31745
If array shift operations are not used, the Garbage Collector may have become confused about valid objects. This vulnerability affects Firefox 101...
CVE-2022-31745
If array shift operations are not used, the Garbage Collector may have become confused about valid objects. This vulnerability affects Firefox 101...
CLSA-2022-1671481209 Fix CVE(s): CVE-2020-27618, CVE-2019-25013
SECURITY UPDATE: buffer overrun in EUC-KR conversion module - debian/patches/any/CVE-2019-25013: skip two bytes when told to skip over the unknown designation, potentially running over the buffer end - CVE-2019-25013 SECURITY UPDATE: hang in the iconv program - debian/patches/any/CVE-2020-27618:...
Debian dla-3236 : libopenexr-dev - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3236 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3236-1 [email protected]...
Overflow in BinMap can break pool
Lines of code Vulnerability details Impact The BinMap library performs multiplication on int32 values that can potentially overflow and cause the corresponding function calls to revert. The functions in question are used by essential Pool methods such as Pool.addLiquidity or Pool.swap and an...
GSD-2022-1008356 capabilities: fix undefined behavior in bit shift for CAP_TO_MASK
capabilities: fix undefined behavior in bit shift for CAPTOMASK This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.334 by commit...
GSD-2022-1008307 capabilities: fix undefined behavior in bit shift for CAP_TO_MASK
capabilities: fix undefined behavior in bit shift for CAPTOMASK This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.300 by commit...
GSD-2022-1008256 net: mdio: fix undefined behavior in bit shift for __mdiobus_register
net: mdio: fix undefined behavior in bit shift for mdiobusregister This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.265 by commit...
GSD-2022-1008248 capabilities: fix undefined behavior in bit shift for CAP_TO_MASK
capabilities: fix undefined behavior in bit shift for CAPTOMASK This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.267 by commit...
GSD-2022-1008185 net: mdio: fix undefined behavior in bit shift for __mdiobus_register
net: mdio: fix undefined behavior in bit shift for mdiobusregister This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.224 by commit...
GSD-2022-1007956 capabilities: fix undefined behavior in bit shift for CAP_TO_MASK
capabilities: fix undefined behavior in bit shift for CAPTOMASK This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.79 by commit...
GSD-2022-1007840 net: mdio: fix undefined behavior in bit shift for __mdiobus_register
net: mdio: fix undefined behavior in bit shift for mdiobusregister This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.8 by commit...