Lucene search
K

156 matches found

Tenable Nessus
Tenable Nessus
added 2024/08/19 12:0 a.m.14 views

EulerOS Virtualization 2.10.1 : python-pillow (EulerOS-SA-2024-2148)

According to the versions of the python-pillow package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.CVE-2024-28219...

6.7CVSS6.5AI score0.00989EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/08/08 8:50 a.m.17 views

CVE-2024-42257 ext4: use memtostr_pad() for s_volume_name

In the Linux kernel, the following vulnerability has been resolved: ext4: use memtostrpad for svolumename As with the other strings in struct ext4superblock, svolumename is not NUL terminated. The other strings were marked in commit 072ebb3bffe6 "ext4: add nonstring annotations to ext4.h". Using...

6.9AI score0.00202EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/07/15 12:0 a.m.19 views

EulerOS 2.0 SP10 : python-pillow (EulerOS-SA-2024-1920)

According to the versions of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.CVE-2024-28219 Tenable has...

6.7CVSS6.6AI score0.00989EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2024/07/05 12:51 p.m.29 views

CVE-2024-39480

In the Linux kernel, the following vulnerability has been resolved: kdb: Fix buffer overflow during tab-complete Currently, when the user attempts symbol completion with the Tab key, kdb will use strncpy to insert the completed symbol into the command buffer. Unfortunately it passes the size of t...

4.4CVSS7.5AI score0.00256EPSS
Exploits0References4
OSV
OSV
added 2024/07/05 7:15 a.m.1 views

DEBIAN-CVE-2024-39480

In the Linux kernel, the following vulnerability has been resolved: kdb: Fix buffer overflow during tab-complete Currently, when the user attempts symbol completion with the Tab key, kdb will use strncpy to insert the completed symbol into the command buffer. Unfortunately it passes the size of t...

7.8CVSS6AI score0.00256EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/05 6:55 a.m.27 views

CVE-2024-39480 kdb: Fix buffer overflow during tab-complete

In the Linux kernel, the following vulnerability has been resolved: kdb: Fix buffer overflow during tab-complete Currently, when the user attempts symbol completion with the Tab key, kdb will use strncpy to insert the completed symbol into the command buffer. Unfortunately it passes the size of t...

0.00256EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2024/07/05 6:55 a.m.32 views

CVE-2024-39480 kdb: Fix buffer overflow during tab-complete

In the Linux kernel, the following vulnerability has been resolved: kdb: Fix buffer overflow during tab-complete Currently, when the user attempts symbol completion with the Tab key, kdb will use strncpy to insert the completed symbol into the command buffer. Unfortunately it passes the size of t...

7.3AI score0.00256EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2024/06/25 12:0 a.m.17 views

EulerOS 2.0 SP11 : python-pillow (EulerOS-SA-2024-1845)

According to the versions of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.CVE-2024-28219 Tenable has...

6.7CVSS6.6AI score0.00989EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/04/29 12:0 a.m.19 views

Ubuntu 24.04 LTS. : Pillow vulnerability (USN-6744-3)

The remote Ubuntu 24.04 LTS. host has packages installed that are affected by a vulnerability as referenced in the USN-6744-3 advisory. USN-6744-1 fixed a vulnerability in Pillow. This update provides the corresponding updates for Ubuntu 24.04 LTS. Tenable has extracted the preceding description...

6.7CVSS6.2AI score0.00989EPSS
Exploits0References2
Mageia
Mageia
added 2024/04/15 6:21 p.m.58 views

Updated python-pillow packages fix security vulnerabilities

CVE-2023-44271 Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for truetype in ImageFont when textlength in an ImageDraw instance operates on a long text argument. CVE-2024-28219 A...

7.5CVSS7.7AI score0.01038EPSS
Exploits0References1
OSV
OSV
added 2024/04/03 3:30 a.m.28 views

GHSA-44WM-F244-XHP3 Pillow buffer overflow vulnerability

In imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy...

7.3CVSS7AI score0.00989EPSS
Exploits0References6
NVD
NVD
added 2024/04/03 3:15 a.m.14 views

CVE-2024-28219

In imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy...

6.7CVSS6.9AI score0.00989EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2024/04/03 3:15 a.m.36 views

CVE-2024-28219

In imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy...

6.7CVSS6.9AI score0.00989EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/04/03 12:0 a.m.21 views

CVE-2024-28219

In imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy...

6.7CVSS7.2AI score0.00989EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2024/04/03 12:0 a.m.26 views

CVE-2024-28219

In imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy...

6.7CVSS7.3AI score0.00989EPSS
Exploits0
OSV
OSV
added 2024/03/11 7:15 p.m.5 views

CVE-2024-27224

In strncpy of strncpy.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS5.9AI score0.0008EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/03/11 6:55 p.m.8 views

CVE-2024-27224

In strncpy of strncpy.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.2AI score0.0008EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/03/11 12:0 a.m.5 views

Google Pixel Security Breach

Google Pixel is a smartphone from Google Inc. in the United States. A security vulnerability exists in Google Pixel, which stems from a lack of bounds checking in the strncpy method of the strncpy.c file, which may result in out-of-bounds writes...

7.8CVSS6.8AI score0.0008EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/03/11 12:0 a.m.5 views

PT-2024-21757 · Google · Android

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a missing bounds check in the strncpy function of strncpy.c, which could lead to a possible out of bounds write. This could resu...

7.8CVSS6.7AI score0.0008EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/05/29 12:0 a.m.8 views

The vulnerability of the strncpy function in D-Link DIR-878 router software allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the strncpy function in D-Link DIR-878 router microprogramming software is caused by buffer overflow in the stack. Exploiting this vulnerability can allow an attacker, operating remotely, to compromise the confidentiality, integrity, and accessibility of the protected...

10CVSS8.1AI score0.03004EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder