954 matches found
PT-2023-33104 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.13 Description: The issue concerns a bounds check in the nci struct nfc target arrays. It was introduced in version v3.4 and fixed in Linux Kernel version v6.0.13. The actual impact and attack plausibility...
NULL Pointer Dereference
Environment bash Distributor ID: Debian Description: Debian GNU/Linux bookworm/sid Release: n/a Codename: bookworm Version I checked against the latest release as of 12/27/22 version 5.8.0 and the current master branch at commit 031da1be8f6c9aa55f6e4e76df962d2c85dc32e8 . Description This...
Use-After-Free
curl is vulnerable to Use-After-Free. When getting denied to tunnel the specific protocols such as SMB or TELNET, the library uses a heap-allocated struct after it had been freed, in its transfer shutdown code path resulting in use after free conditions...
SUSE SLES12 Security Update : curl (SUSE-SU-2022:4598-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:4598-1 advisory. - A use after free vulnerability exists in curl 7.87.0. Curl can be asked to tunnel virtually all protocols it supports through an HTTP prox...
CURL-CVE-2022-43552 HTTP Proxy deny use after free
curl can be asked to tunnel virtually all protocols it supports through an HTTP proxy. HTTP proxies can and often do deny such tunnel operations using an appropriate HTTP error response code. When getting denied to tunnel the specific protocols SMB or TELNET, curl would use a heap-allocated struc...
GSD-2022-1008355 ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network
ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.334 by commit...
GSD-2022-1008306 ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network
ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.300 by commit...
GSD-2022-1008247 ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network
ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.267 by commit...
GSD-2022-1008172 ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network
ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.225 by commit...
GSD-2022-1007675 nilfs2: fix use-after-free bug of struct nilfs_root
nilfs2: fix use-after-free bug of struct nilfsroot This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.331 by commit...
GSD-2022-1007543 nilfs2: fix use-after-free bug of struct nilfs_root
nilfs2: fix use-after-free bug of struct nilfsroot This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.262 by commit...
GSD-2022-1007448 nilfs2: fix use-after-free bug of struct nilfs_root
nilfs2: fix use-after-free bug of struct nilfsroot This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.220 by commit...
GSD-2022-1007161 nilfs2: fix use-after-free bug of struct nilfs_root
nilfs2: fix use-after-free bug of struct nilfsroot This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.74 by commit...
GSD-2022-1006930 nilfs2: fix use-after-free bug of struct nilfs_root
nilfs2: fix use-after-free bug of struct nilfsroot This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.2 by commit...
Denial Of Service (DoS)
libtasn1.so is vulnerable to Denial Of Service DoS. The vulnerability exists in struct tagandclassst function of init.h due to an ETYPEOK off-by-one array size check which allows an attacker to crash the application via malicious input...
The bytes allocated to linearVestAmount is too small in the struct VTVLVesting.Claim
Lines of code Vulnerability details Impact In baseVestedAmount of VTVLVesting.sol, when we calculate the vested amount, vestAmt is the sum of cliffAmount and linearVestAmount. linearVestAmount is calculated from the fraction of completed interval as follows. uint112 linearVestAmount =...
havent specify the solidity compiler version, 8.15 and older version may lead to a mis encoded struct parameter
Lines of code Vulnerability details Impact the structure: struct ExecuteProposalParams uint256 proposalId; bytes proposalData; bytes progressData; bytes extraData; uint256 flags; IERC721 preciousTokens; uint256 preciousTokenIds; there are some unknown length elementbytes, in 8.15 and older...
kernel: x86/fpu: KVM: Set the base guest FPU uABI size to sizeof(struct kvm_xsave)
In the Linux kernel, the following vulnerability has been resolved: x86/fpu: KVM: Set the base guest FPU uABI size to sizeofstruct kvmxsave Set the starting uABI size of KVM's guest FPU to 'struct kvmxsave', i.e. to KVM's historical uABI size. When saving FPU state for usersapce, KVM well, now th...
Exploit for Improper Initialization in Linux Linux_Kernel
CVE-2022-0847 Exploits Dirty Pipe O que é ? Divulga...
DEBIAN-CVE-2022-38152
An issue was discovered in wolfSSL before 5.5.0. When a TLS 1.3 client connects to a wolfSSL server and SSLclear is called on its session, the server crashes with a segmentation fault. This occurs in the second session, which is created through TLS session resumption and reuses the initial struct...