27 matches found
EUVD-2016-10849
EKG Gadu 1.9pre+r2855-3+b1 contains a local buffer overflow vulnerability in the username handling that allows local attackers to execute arbitrary code by supplying an oversized username string. Attackers can trigger the overflow in the strlcpy function by passing a crafted buffer exceeding 258...
CVE-2016-20047
EKG Gadu 1.9pre+r2855-3+b1 contains a local buffer overflow vulnerability in the username handling that allows local attackers to execute arbitrary code by supplying an oversized username string. Attackers can trigger the overflow in the strlcpy function by passing a crafted buffer exceeding 258...
PT-2026-28230
EKG Gadu 1.9pre+r2855-3+b1 contains a local buffer overflow vulnerability in the username handling that allows local attackers to execute arbitrary code by supplying an oversized username string. Attackers can trigger the overflow in the strlcpy function by passing a crafted buffer exceeding 258...
EUVD-2017-17266
Malware in sbrugna...
EUVD-2022-54828
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-49401
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/pageowner: use strscpy instead of strlcpy current-comm is not a string no guarantee for a zero byte in it. strlcpys1, s2, l is calling strlens2, potentially...
DEBIAN-CVE-2022-49401
In the Linux kernel, the following vulnerability has been resolved: mm/pageowner: use strscpy instead of strlcpy current-comm is not a string no guarantee for a zero byte in it. strlcpys1, s2, l is calling strlens2, potentially causing out-of-bound access, as reported by syzbot: detected buffer...
CVE-2022-49401
CVE-2022-49401 pertains to the Linux kernel, where a fault in mm/page_owner handling was fixed: current->comm[] is not guaranteed to be a proper string, and using strlcpy(s1, s2, l) may call strlen(s2) and trigger out-of-bounds access. The fix replaces strlcpy with strscpy() in mm/page_owner.c...
CVE-2022-49401 mm/page_owner: use strscpy() instead of strlcpy()
In the Linux kernel, the following vulnerability has been resolved: mm/pageowner: use strscpy instead of strlcpy current-comm is not a string no guarantee for a zero byte in it. strlcpys1, s2, l is calling strlens2, potentially causing out-of-bound access, as reported by syzbot: detected buffer...
CVE-2022-49401 mm/page_owner: use strscpy() instead of strlcpy()
In the Linux kernel, the following vulnerability has been resolved: mm/pageowner: use strscpy instead of strlcpy current-comm is not a string no guarantee for a zero byte in it. strlcpys1, s2, l is calling strlens2, potentially causing out-of-bound access, as reported by syzbot: detected buffer...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the use of strlcpy instead of strscpy by mm/pageowner...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mm/pageowner: use strscpy instead of strlcpy current-comm is not a string no guarantee for a zero byte in it. strlcpys1, s2, l is calling strlens2, potentially causing out-of-bound access, as reported by syzbot: detected buffer...
kernel: mm/page_owner: use strscpy() instead of strlcpy()
In the Linux kernel, the following vulnerability has been resolved: mm/pageowner: use strscpy instead of strlcpy current-comm is not a string no guarantee for a zero byte in it. strlcpys1, s2, l is calling strlens2, potentially causing out-of-bound access, as reported by syzbot: detected buffer...
OSV-2021-679 Heap-buffer-overflow in strlcpy
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33556 Crash type: Heap-buffer-overflow WRITE Crash state: strlcpy parselxcmntopts setconfigrootfsoptions...
PT-2019-6156 · Htmldoc +2 · Htmldoc +2
Name of the Vulnerable Software and Affected Versions: htmldoc version 1.9.7 Description: The issue is related to a buffer overflow in the hd strlcpy function, which can be exploited by a remote attacker to access confidential data, compromise data integrity, and cause a denial of service. This c...
UDFclient Buffer Overflow Vulnerability
UDFclient is a user-implemented solution for the UDF file system defined by the OSTA group. A buffer overflow vulnerability exists in the custom strlcpy implementation in versions of UDFclient prior to 0.8.8. An attacker could exploit this vulnerability to cause a denial of service or execute...
CVE-2017-8305
The UDFclient before 0.8.8 custom strlcpy implementation has a buffer overflow. UDFclient's strlcpy is used only on systems with a C library e.g., glibc that lacks its own strlcpy...
CVE-2017-8305
The UDFclient before 0.8.8 custom strlcpy implementation has a buffer overflow. UDFclient's strlcpy is used only on systems with a C library e.g., glibc that lacks its own strlcpy...
UBUNTU-CVE-2017-8305
The UDFclient before 0.8.8 custom strlcpy implementation has a buffer overflow. UDFclient's strlcpy is used only on systems with a C library e.g., glibc that lacks its own strlcpy...
Design/Logic Flaw
The UDFclient before 0.8.8 custom strlcpy implementation has a buffer overflow. UDFclient's strlcpy is used only on systems with a C library e.g., glibc that lacks its own strlcpy...