CLSA-2026-1777322146 jq: Fix of CVE-2026-32316

CVE-2026-32316: fix heap buffer overflow in jvpstringappend and jvpstringcopyreplacebad caused by uint32t overflow in size calculations for strings exceeding INTMAX bytes...

CVE-2024-50259

In the Linux kernel, the following vulnerability has been resolved: netdevsim: Add trailing zero to terminate the string in nsimnexthopbucketactivitywrite This was found by a static analyzer. We should not forget the trailing zero after copyfromuser if we will further do some string operations,...

CVE-2024-50259 netdevsim: Add trailing zero to terminate the string in nsim_nexthop_bucket_activity_write()

In the Linux kernel, the following vulnerability has been resolved: netdevsim: Add trailing zero to terminate the string in nsimnexthopbucketactivitywrite This was found by a static analyzer. We should not forget the trailing zero after copyfromuser if we will further do some string operations,...

CVE-2024-50259 netdevsim: Add trailing zero to terminate the string in nsim_nexthop_bucket_activity_write()

In the Linux kernel, the following vulnerability has been resolved: netdevsim: Add trailing zero to terminate the string in nsimnexthopbucketactivitywrite This was found by a static analyzer. We should not forget the trailing zero after copyfromuser if we will further do some string operations,...

CVE-2024-29186 Slow String Operations via MultiPart Requests in Event-Driven Functions

Bref is an open-source project that helps users go serverless on Amazon Web Services with PHP. When Bref prior to version 2.1.17 is used with the Event-Driven Function runtime and the handler is a RequestHandlerInterface, then the Lambda event is converted to a PSR7 object. During the conversion...

CVE-2024-29186 Slow String Operations via MultiPart Requests in Event-Driven Functions

Bref is an open-source project that helps users go serverless on Amazon Web Services with PHP. When Bref prior to version 2.1.17 is used with the Event-Driven Function runtime and the handler is a RequestHandlerInterface, then the Lambda event is converted to a PSR7 object. During the conversion...

shellcode-x86_x64

This repository contains a collection of assembly code examples for a 64-bit Linux system, primarily focusing on basic instructions and operations. The code is written in NASM Netwide Assembler and covers various topics such as arithmetic, logical operations, string manipulation, and stack...

Privilege Escalation

kernel is vulnerable to privilege escalation. The vulnerability exists as it was discovered that the Linux kernel handled string operations in the opposite way to the GNU Compiler Collection GCC. This could allow a local unprivileged user to cause memory corruption...

USN-3337-1: Valgrind vulnerabilities

It was discovered that Valgrind incorrectly handled certain string operations. If a user or automated system were tricked into processing a specially crafted binary, a remote attacker could possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu...

Scientific Linux Security Update : kernel on SL4.x i386/x86_64

These updated packages fix the following security issues : - A security flaw was found in the Linux kernel memory copy routines, when running on certain AMD64 systems. If an unsuccessful attempt to copy kernel memory from source to destination memory locations occurred, the copy routines did not...

CVE-2010-1988

Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to cause a denial of service NULL pointer dereference and application crash or possibly execute arbitrary code via JavaScript code that performs certain string concatenation and substring operations, a different vulnerability than...

USN-900-1: Ruby vulnerabilities

Emmanouel Kellinis discovered that Ruby did not properly handle certain string operations. An attacker could exploit this issue and possibly execute arbitrary code with application privileges. CVE-2009-4124 Giovanni Pellerano, Alessandro Tanasi, and Francesco Ongaro discovered that Ruby did not...

CentOS 5 : kernel (CESA-2008:0233)

Updated kernel packages that fix various security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux...

CentOS Update for kernel CESA-2008:0508 centos4 x86_64

Check for the Version of kernel OpenVAS Vulnerability Test CentOS Update for kernel CESA-2008:0508 centos4 x8664 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

irb, ruby security update

CentOS Errata and Security Advisory CESA-2008:0561 Updated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting...

CentOS 4 : kernel (CESA-2008:0508)

Updated kernel packages that fix several security issues and a bug are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating...