741 matches found
JerryScript Security Vulnerability
JerryScript is a lightweight JavaScript engine from the JerryScript project. A security vulnerability exists in JerryScript version 2.3.0 that allows an attacker to execute arbitrary code via the ecma_builtin_array_prototype_object_slice parameter...
ASB-A-277333746
In getAvailabilityStatus of WifiScanningMainSwitchPreferenceController.java, there is a possible way to bypass a device policy restriction due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not...
cyfs-base vulnerable to misaligned pointer dereference in `ChunkId::new`
The function ChunkId::new creates a misaligned pointer by casting a mutable pointer to a u8 slice, which has alignment 1, to a mutable pointer to u32, which has alignment 4, and dereferences the misaligned pointer, leading to UB, which should not be allowed in a safe function...
RUSTSEC-2023-0046 Misaligned pointer dereference in `ChunkId::new`
The function ChunkId::new creates a misaligned pointer by casting a mutable pointer to a u8 slice, which has alignment 1, to a mutable pointer to u32, which has alignment 4, and dereferences the misaligned pointer, leading to UB, which should not be allowed in a safe function...
Misaligned pointer dereference in `ChunkId::new`
The function ChunkId::new creates a misaligned pointer by casting a mutable pointer to a u8 slice, which has alignment 1, to a mutable pointer to u32, which has alignment 4, and dereferences the misaligned pointer, leading to UB, which should not be allowed in a safe function...
CVE-2023-3036 Out of Bounds Slice index in cfnts leads to remote panic
An unchecked read in NTP server in github.com/cloudflare/cfnts prior to commit 783490b https://github.com/cloudflare/cfnts/commit/783490b913f05e508a492cd7b02e3c4ec2297b71 enabled a remote attacker to trigger a panic by sending an NTSAuthenticator packet with extension length longer than the packe...
CVE-2023-33192
ntpd-rs is an NTP implementation written in Rust. ntpd-rs does not validate the length of NTS cookies in received NTP packets to the server. An attacker can crash the server by sending a specially crafted NTP packet containing a cookie shorter than what the server expects. The server also crashes...
Design/Logic Flaw
ntpd-rs is an NTP implementation written in Rust. ntpd-rs does not validate the length of NTS cookies in received NTP packets to the server. An attacker can crash the server by sending a specially crafted NTP packet containing a cookie shorter than what the server expects. The server also crashes...
CVE-2023-33192
CVE-2023-33192 affects ntpd-rs, a Rust NTP implementation. The issue is improper handling/validation of NTS cookie length in NTP packets, allowing a specially crafted cookie to crash the ntpd-rs server (also observed when the server is not configured to handle NTS). Root cause: unsafe or faulty s...
GHSA-QWHM-H7V3-MRJX Improper handling of NTS cookie length that could crash the ntpd-rs server
Impact ntpd-rs does not validate the length of NTS cookies in received NTP packets to the server. An attacker can crash the server by sending a specially crafted NTP packet containing a cookie shorter than what the server expects. The server also crashes when it is not configured to handle NTS...
Vitess Security Vulnerability
Vitess is a database clustering system for horizontally scaling MySQL from Vitess. A security vulnerability exists in Vitess versions prior to 16.0.2 that stems from the fact that if VTAdmin creates a slice containing the / character, anyone attempting to create a new slice from VTAdmin will...
The vulnerability of the de265_image::set_SliceAddrRS(int, int, int) function in the implementation of the h.265 Libde265 codec allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the de265_image::set_SliceAddrRS(int, int, int) function in the h.265 video codec Libde265 is related to buffer overflow in dynamic memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected...
Heap-based Buffer Overflow
libde265.so is vulnerable to Heap-based Buffer Overflow. The vulnerability exists due to lack of checks in valid slice header index access which allows an attacker to cause heap-based buffer overflows...
CBL Mariner 2.0 Security Update: golang (CVE-2021-41771)
The version of golang installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-41771 advisory. - ImportedSymbols in debug/macho for Open or OpenFat in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a...
ALPINE-CVE-2023-27102
Libde265 v1.0.11 was discovered to contain a segmentation violation via the function decoder_context::process_slice_segment_header at decctx.cc...
DEBIAN-CVE-2023-27102
Libde265 v1.0.11 was discovered to contain a segmentation violation via the function decoder_context::process_slice_segment_header at decctx.cc...
Design/Logic Flaw
Libde265 v1.0.11 was discovered to contain a segmentation violation via the function decoder_context::process_slice_segment_header at decctx.cc...
Libde265 Code Issue Vulnerability
Libde265 is a German h.265 video codec. A security vulnerability exists in Libde265 version v1.0.11, which stems from a segmentation violation discovered via the decoder_context::process_slice_segment_header function in decctx.cc...
GO-2023-1623 Out-of-memory panic in github.com/crossplane/crossplane-runtime
An out of memory panic vulnerability exists in the crossplane-runtime libraries. Applications that use the Paved type's SetValue method with user-provided input that is not properly validated might use excessive amounts of memory and cause an out of memory panic. In the fieldpath package, the...
DEBIAN-CVE-2022-47665
Libde265 1.0.9 has a heap buffer overflow vulnerability in de265_image::set_SliceAddrRS(int, int, int)...