73 matches found
PT-2022-33296 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v5.4 through v5.19.5 Description: A data-race issue exists around gro normal batch. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions v5.4 through v5.19.5,...
GHSA-3V99-HPV7-9HH9 Capstone Integer overflow
Integer overflow in the cswinkernelmalloc function in winkernelmm.c in Capstone 3.0.4 and earlier allows attackers to cause a denial of service heap-based buffer overflow in a kernel driver or possibly have unspecified other impact via a large value...
DEBIAN-CVE-2022-23319
A segmentation fault during PCF file parsing in pcf2bdf versions =1.05 allows an attacker to trigger a program crash via a specially crafted PCF font file. This crash affects the availability of the software and dependent downstream components...
UVI-2021-1001565 cpufreq: schedutil: Destroy mutex before kobject_put() frees the memory
cpufreq: schedutil: Destroy mutex before kobjectput frees the memory This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.209 by commit...
UVI-2021-1000344 wlcore: Fix buffer overrun by snprintf due to incorrect buffer size
wlcore: Fix buffer overrun by snprintf due to incorrect buffer size This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.37 by commit...
CVE-2020-26953
It was possible to cause the browser to enter fullscreen mode without displaying the security UI; thus making it possible to attempt a phishing attack or otherwise confuse the user. This vulnerability affects Firefox 83, Firefox ESR 78.5, and Thunderbird 78.5...
MGASA-2020-0269 Updated python-httplib2 packages fix security vulnerability
Updated python-httplib2 packages fix security vulnerability: In httplib2, an attacker controlling unescaped part of uri for httplib2.Http.request could change request headers and body, send additional hidden requests to same server. This vulnerability impacts software that uses httplib2 with uri...
CVE-2019-9812
Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape that sandbox by loading accounts.firefox.com in that process and forcing a log-in to a malicious Firefox Sync account. Preference settings that disable the sandbox are then synchronized to the...
Preparing for Y2038 (Already?!)
It somehow doesn't seem that long ago, but nineteen years ago during Y2K I spent my New Year's Eve in the Akamai Network Operations center, waiting to respond to anything that might go awry as the clock struck midnight in key time zones such as Greenwich and Boston. As of January 9, 2019, we are...
CVE-2013-6049
apt-listbugs before 0.1.10 creates temporary files insecurely, which allows attackers to have unspecified impact via unknown vectors...
CVE-2016-2519
ntpd in NTP before 4.2.8p7 and 4.3.x before 4.3.92 allows remote attackers to cause a denial of service ntpd abort by a large request data value, which triggers the ctlgetitem function to return a NULL value...
BELL-CVE-2012-5374 CVE-2012-5374 does not affect BellSoft software
Bulletin has no description...
HSphere WebShell buffer overflow
Buffer overflow in MIME boundary...
IBM Informix Web DataBlade: Auto-decoding HTML entities
IBM Informix Web DataBlade: Auto-decoding HTML entities By Simon Lodal, Denmark Vendor status: Notified months ago, said they would be working on updates, never heard anything. Software: Web DataBlade 4.12, IDS 9.20/9.21, Linux 2.2/2.4, SunOS 5.7 OS, IDS and WDB versions seem to be irrelevant...
SunOS 4.1.3 - LD_LIBRARY_PATH LD_OPTIONS
SunOS 4.1.3 - LDLIBRARYPATH LDOPTIONS source: https://www.securityfocus.com/bid/43/info There exists a vulnerability involving environment variables and setuid/setgid programs under SunOS 4.0 and higher. A dynamically-linked program that is invoked by a setuid/setgid program has access to the...
CVE-2022-43586
...
CVE-2022-24945
...
CVE-2024-1992
...
CVE-2023-6086
...
CVE-2020-12555
...