CVE-2023-42522

Certain WithSecure products allow a remote crash of a scanning engine via processing of an import struct in a PE file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecu...

CVE-2023-25585

A flaw was found in Binutils. The use of an uninitialized field in the struct module module may lead to application crash and local denial of service...

CVE-2023-25585

A flaw was found in Binutils. The use of an uninitialized field in the struct module module may lead to application crash and local denial of service...

DEBIAN-CVE-2023-25585

A flaw was found in Binutils. The use of an uninitialized field in the struct module module may lead to application crash and local denial of service...

CVE-2023-25585

A flaw was found in Binutils. The use of an uninitialized field in the struct module module may lead to application crash and local denial of service...

CVE-2023-25585 Field `file_table` of `struct module *module` is uninitialized

A flaw was found in Binutils. The use of an uninitialized field in the struct module module may lead to application crash and local denial of service...

CVE-2023-25585

A flaw was found in Binutils. The use of an uninitialized field in the struct module module may lead to application crash and local denial of service...

CVE-2023-25588 Field `the_bfd` of `asymbol` is uninitialized in function `bfd_mach_o_get_synthetic_symtab`

A flaw was found in Binutils. The field thebfd of asymbolstruct is uninitialized in the bfdmachogetsyntheticsymtab function, which may lead to an application crash and local denial of service...

CVE-2023-4207

A use-after-free vulnerability in the Linux kernel's net/sched: clsfw component can be exploited to achieve local privilege escalation. When fwchange is called on an existing filter, the whole tcfresult struct is always copied into the new instance of the filter. This causes a problem when updati...

CVE-2023-4207

A use-after-free vulnerability in the Linux kernel's net/sched: clsfw component can be exploited to achieve local privilege escalation. When fwchange is called on an existing filter, the whole tcfresult struct is always copied into the new instance of the filter. This causes a problem when updati...

UBUNTU-CVE-2022-47011

An issue was discovered function parsestabstructfields in stabs.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks...

GNU Binutils 安全漏洞

GNU Binutils is a set of open source tools for working with binary files such as target files, executables, libraries, etc., mainly used in the areas of compilation, debugging, reverse engineering and so on. GNU Binutils suffers from a memory leak vulnerability that originates from a memory leak ...

CVE-2022-47011

An issue was discovered function parsestabstructfields in stabs.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks...

CVE-2023-34450 CometBFT PeerState JSON serialization deadlock

CometBFT is a Byzantine Fault Tolerant BFT middleware that takes a state transition machine and replicates it on many machines. An internal modification made in versions 0.34.28 and 0.37.1 to the way struct PeerState is serialized to JSON introduced a deadlock when new function MarshallJSON is...

quorumReached does not account for forVotes

Lines of code Vulnerability details Impact quorumReached does not account for forVotes. Proof of Concept The supportVodes mapping of the ProposalExtraData struct consists of three values: forVotes, againstVotes and abstainVotes respectively on keys 0, 1 and 2. The function: function...

Ouroboros is Unsound

In 0.15.0 and prior, Ouroboros works internally by creating a struct where all uses of 'this are replaced by 'static. However, a recent addition to Miri checks that references passed to functions are valid during the entire execution of the function, even when those references are passed inside a...

EulerOS 2.0 SP5 : curl (EulerOS-SA-2023-2139)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A use after free vulnerability exists in curl 7.87.0. Curl can be asked to tunnel virtually all protocols it supports through an HTTP proxy. HTTP...

CVE-2023-25738

Members of the DEVMODEW struct set by the printer device driver weren't being validated and could have resulted in invalid values which in turn would cause the browser to attempt out of bounds access to related variables.This bug only affects Firefox on Windows. Other operating systems are...

CVE-2023-25738

Members of the DEVMODEW struct set by the printer device driver weren't being validated and could have resulted in invalid values which in turn would cause the browser to attempt out of bounds access to related variables.This bug only affects Firefox on Windows. Other operating systems are...

CLSA-2023-1685378325 curl: Fix of 2 CVEs

CVE-2022-43552: smb/telnet: do not free the protocol struct in done - CVE-2022-35252: cookie: reject cookies with "control bytes"...