ruby: Arbitrary memory address read vulnerability with Regex search

A flaw was found in Ruby. If attacker-supplied data is provided to the Ruby regex compiler, it is possible to extract arbitrary heap data relative to the start of the text, including pointers and sensitive strings...

ruby: Arbitrary memory address read vulnerability with Regex search

A flaw was found in Ruby. If attacker-supplied data is provided to the Ruby regex compiler, it is possible to extract arbitrary heap data relative to the start of the text, including pointers and sensitive strings...

ruby: Arbitrary memory address read vulnerability with Regex search

A flaw was found in Ruby. If attacker-supplied data is provided to the Ruby regex compiler, it is possible to extract arbitrary heap data relative to the start of the text, including pointers and sensitive strings...

CVE-2024-34363 Envoy can crash due to uncaught nlohmann JSON exception

Envoy is a cloud-native, open source edge and service proxy. Due to how Envoy invoked the nlohmann JSON library, the library could throw an uncaught exception from downstream data if incomplete UTF-8 strings were serialized. The uncaught exception would cause Envoy to crash...

CVE-2024-34363 Envoy can crash due to uncaught nlohmann JSON exception

Envoy is a cloud-native, open source edge and service proxy. Due to how Envoy invoked the nlohmann JSON library, the library could throw an uncaught exception from downstream data if incomplete UTF-8 strings were serialized. The uncaught exception would cause Envoy to crash...

BIT-RUBY-2024-27282

An issue was discovered in Ruby 3.x through 3.3.0. If attacker-supplied data is provided to the Ruby regex compiler, it is possible to extract arbitrary heap data relative to the start of the text, including pointers and sensitive strings. The fixed versions are 3.0.7, 3.1.5, 3.2.4, and 3.3.1...

ruby: Arbitrary memory address read vulnerability with Regex search

A flaw was found in Ruby. If attacker-supplied data is provided to the Ruby regex compiler, it is possible to extract arbitrary heap data relative to the start of the text, including pointers and sensitive strings...

RHEL 8 : unzip (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - unzip: SIGSEGV during the conversion of an utf-8 string to a local string CVE-2022-0530 - A flaw was foun...

PT-2024-26913 · Directus · Directus

Name of the Vulnerable Software and Affected Versions: Directus versions prior to 10.11.2 Description: Directus is a real-time API and App dashboard for managing SQL database content. Providing a non-numeric length value to the random string generation utility will create a memory issue, breaking...

OSV-2024-523 Stack-buffer-overflow in findstrings

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69357 Crash type: Stack-buffer-overflow WRITE 1 Crash state: findstrings searchstringsupdate cmdmeta...

glibc: netgroup cache assumes NSS callback uses in-buffer strings

A flaw was found in the glibc netgroup cache. The buffer-resizing code in addgetnetgrentX assumes that all string pointers point into the supplied buffer. This can potentially lead to memory corruption and cause a crash...

glibc: netgroup cache assumes NSS callback uses in-buffer strings

A flaw was found in the glibc netgroup cache. The buffer-resizing code in addgetnetgrentX assumes that all string pointers point into the supplied buffer. This can potentially lead to memory corruption and cause a crash...

The vulnerability of the microprogramming software of Siemens SICAM’s CPCI85 and CPC80 control modules allows a hacker to execute arbitrary code or cause malfunctions during maintenance operations.

The vulnerability of the CPCI85 and CPC80 processor control module software from Siemens SICAM is related to errors that occur when a string or array is terminated with the NULL character during the analysis of a specific HTTP header. Exploiting this vulnerability can allow an attacker to execute...

glibc: netgroup cache assumes NSS callback uses in-buffer strings

A flaw was found in the glibc netgroup cache. The buffer-resizing code in addgetnetgrentX assumes that all string pointers point into the supplied buffer. This can potentially lead to memory corruption and cause a crash...

glibc: netgroup cache assumes NSS callback uses in-buffer strings

A flaw was found in the glibc netgroup cache. The buffer-resizing code in addgetnetgrentX assumes that all string pointers point into the supplied buffer. This can potentially lead to memory corruption and cause a crash...

glibc: netgroup cache assumes NSS callback uses in-buffer strings

A flaw was found in the glibc netgroup cache. The buffer-resizing code in addgetnetgrentX assumes that all string pointers point into the supplied buffer. This can potentially lead to memory corruption and cause a crash...

glibc: netgroup cache assumes NSS callback uses in-buffer strings

A flaw was found in the glibc netgroup cache. The buffer-resizing code in addgetnetgrentX assumes that all string pointers point into the supplied buffer. This can potentially lead to memory corruption and cause a crash...

Django: denial-of-service in ``intcomma`` template filter

A vulnerability was found in Django. When used with very long strings, the intcomma template filter was subject to a potential denial of service attack...

DEBIAN-CVE-2021-47458

In the Linux kernel, the following vulnerability has been resolved: ocfs2: mount fails with buffer overflow in strlen Starting with kernel 5.11 built with CONFIGFORTIFYSOURCE mouting an ocfs2 filesystem with either o2cb or pcmk cluster stack fails with the trace below. Problem seems to be that...

CVE-2023-52845 tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING

In the Linux kernel, the following vulnerability has been resolved: tipc: Change nlapolicy for bearer-related names to NLANULSTRING syzbot reported the following uninit-value access issue 1: ===================================================== BUG: KMSAN: uninit-value in strlen lib/string.c:418...