11 matches found
CVE-2026-35348
The sort utility in uutils coreutils is vulnerable to a process panic when using the --files0-from option with inputs containing non-UTF-8 filenames. The implementation enforces UTF-8 encoding and utilizes expect, causing an immediate crash when encountering valid but non-UTF-8 paths. This diverg...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: coreutils (UTSA-2025-991267)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991267 advisory. A flaw was found in GNU Coreutils. The sort utility's begfield function is vulnerable to a heap buffer under-read. The program may access memory outside the allocate...
CVE-2025-65779
An issue was discovered in Wekan The Open Source kanban board system up to version 18.15, fixed in 18.16. Unauthenticated attackers can update a board's "sort" value Boards.allow returns true without verifying userId, allowing arbitrary reordering of boards...
OESA-2025-1637 coreutils security update
These are the GNU core utilities. This package is the combination of the old GNU fileutils, sh-utils, and textutils packages. Security Fixes: A flaw was found in GNU Coreutils. The sort utility's begfield function is vulnerable to a heap buffer under-read. The program may access memory outside th...
CVE-2022-24913
Versions of the package com.fasterxml.util:java-merge-sort before 1.1.0 are vulnerable to Insecure Temporary File in the StdTempFileProvider function in StdTempFileProvider.java, which uses the permissive File.createTempFile function, exposing temporary file contents...
Nginx 安全漏洞
Nginx is a lightweight web server/reverse proxy server and email IMAP/POP3 proxy server from the U.S. company Nginx. njs is one of the scripting language components that support extended NGINX functionality . A denial of service vulnerability exists in Nginx NJS version v0.7.2, which stems from a...
Null pointer dereference
DISPUTED Null Pointer Dereference vulnerability exists in numpy.sort in NumPy < and 1.19 in the PyArrayDescrNew function due to missing return-value validation, which allows attackers to conduct DoS attacks by repetitively creating sort arrays. NOTE: While correct that validation is missing, an...
UBUNTU-CVE-2021-41495
Null Pointer Dereference vulnerability exists in numpy.sort in NumPy < and 1.19 in the PyArrayDescrNew function due to missing return-value validation, which allows attackers to conduct DoS attacks by repetitively creating sort arrays. NOTE: While correct that validation is missing, an error ca...
CVE-2012-3122
Unspecified vulnerability in Oracle Sun Solaris 8 and 9 allows local users to affect confidentiality and integrity via unknown vectors related to sort...
HP-UX Update for sort HPSBUX00237
Check for the Version of sort OpenVAS Vulnerability Test HP-UX Update for sort HPSBUX00237 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of the G...
Apple Safari Web Browser 1.x - Infinite Array Sort Denial of Service
source: https://www.securityfocus.com/bid/11759/info Apple Safari Web Browser is prone to a vulnerability that may result in a browser crash. This issue is exposed when the browser performs an infinite JavaScript array sort operation. It is conjectured that this will only result in a denial of...