10 matches found
net-imap vulnerable to command Injection via unvalidated Symbol inputs
Summary Symbol arguments to commands are vulnerable to a CRLF Injection / IMAP Command injection via Symbol arguments passed to IMAP commands. Details Symbol arguments represent IMAP "system flags", which are formatted as "atoms" with no quoting with a "" prefix. Vulnerable versions of Net::IMAP...
Linux Distros Unpatched Vulnerability : CVE-2019-14745
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In radare2 before 3.7.0, a command injection vulnerability exists in binsymbols in libr/core/cbin.c. By using a crafted executable file, it's possible to execut...
CVE-2025-6199
A flaw was found in the GIF parser of GdkPixbuf’s LZW decoder. When an invalid symbol is encountered during decompression, the decoder sets the reported output size to the full buffer length rather than the actual number of written bytes. This logic error results in uninitialized sections of the...
AZL-57404 CVE-2025-26596 affecting package xorg-x11-server for versions less than 1.20.10-15
A heap overflow flaw was found in X.Org and Xwayland. The computation of the length in XkbSizeKeySyms differs from what is written in XkbWriteKeySyms, which may lead to a heap-based buffer overflow...
CVE-2024-53233 unicode: Fix utf8_load() error path
In the Linux kernel, the following vulnerability has been resolved: unicode: Fix utf8load error path utf8load requests the symbol "utf8datatable" and then checks if the requested UTF-8 version is supported. If it's unsupported, it tries to put the data table using symbolput. If an unsupported...
Palo Alto Networks PAN-OS 安全漏洞
Palo Alto Networks PAN-OS is an operating system developed by Palo Alto Networks, Inc. for its firewall appliances. A security vulnerability exists in Palo Alto Networks PAN-OS that originates from improperly neutralizing matching symbols in the command line interface, which allows an authenticat...
CLSA-2023-1701293664 binutils: Fix of 7 CVEs
CVE-2021-45078: Fix out-of-bounds write in stabxcoffbuiltintype - CVE-2021-46174: Fix buffer overflow in readsectionstabsdebugginginfo - CVE-2022-44840: Fix possible heap buffer overflow in findsectioninset in readelf.c - CVE-2022-45703: Combine sanity checks, calculate element counts, not word...
USN-6407-1 libx11 vulnerabilities
Gregory James Duck discovered that libx11 incorrectly handled certain keyboard symbols. If a user were tricked into connecting to a malicious X server, a remote attacker could use this issue to cause libx11 to crash, resulting in a denial of service, or possibly execute arbitrary code...
The vulnerability of configuration files for the DLT journaling tool, related to insufficient validation of input data, allows a perpetrator to trigger a service failure.
The vulnerability of configuration files for the DLT journaling tool is related to the improper processing of special symbols. Exploiting this vulnerability can allow a malicious actor to cause service failures...
The vulnerability of the hypercall_initialise function in Xen hypervisors, related to insufficient validation of input data, allows a malicious actor to trigger a service failure.
The vulnerability of the hypercallinitialise function in Xen hypervisors is related to incorrect error handling for the invalid format symbol. Exploiting this vulnerability can allow a malicious actor to cause service failures...