843 matches found
CVE-2023-45664
stbimage is a single file MIT licensed library for processing images. A crafted image file can trigger stbiloadgifmainoutofmem attempt to double-free the out variable. This happens in stbiloadgifmain because when the layers stride value is zero the behavior is implementation defined, but common...
Exploit for Unprotected Alternate Channel in Rockwellautomation Allen-Bradley_Stratix_5200_Firmware
CVE202320198Detector This script can identify if Cisco IOS...
ALSA-2023:5683 Important: mariadb:10.5 security update
MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: galera 26.4.14, mariadb 10.5.22. Security Fixes: mariadb: node crashes with Transport endpoint is not connected mysqld got signa...
ALSA-2023:5684 Important: galera and mariadb security update
MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: galera 26.4.14, mariadb 10.5.22. Security Fixes: mariadb: node crashes with Transport endpoint is not connected mysqld got signa...
Important: mariadb:10.5 security update
MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: galera 26.4.14, mariadb 10.5.22. Security Fixes: mariadb: node crashes with Transport endpoint is not connected mysqld got signa...
[SECURITY] Fedora 38 Update: community-mysql-8.0.34-2.fc38
MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files...
[SECURITY] Fedora 37 Update: clamav-0.103.10-1.fc37
Clam AntiVirus is an anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers attachment scanning. The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via Internet. The programs ar...
[SECURITY] Fedora 37 Update: clamav-0.103.9-1.fc37
Clam AntiVirus is an anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers attachment scanning. The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via Internet. The programs ar...
Arbitrary Command Injection
shescape is vulnerable to Arbitrary Command Injection. The vulnerability exists in threaded contexts on Windows, which results in improper escaping of shells, which allows an attacker to bypass shell sanitization...
Design/Logic Flaw
shescape is simple shell escape library for JavaScript. This may impact users that use Shescape on Windows in a threaded context. The vulnerability can result in Shescape escaping or quoting for the wrong shell, thus allowing attackers to bypass protections depending on the combination of expecte...
CVE-2023-40185 Shescape on Windows escaping may be bypassed in threaded context
shescape is simple shell escape library for JavaScript. This may impact users that use Shescape on Windows in a threaded context. The vulnerability can result in Shescape escaping or quoting for the wrong shell, thus allowing attackers to bypass protections depending on the combination of expecte...
CVE-2023-40185 Shescape on Windows escaping may be bypassed in threaded context
shescape is simple shell escape library for JavaScript. This may impact users that use Shescape on Windows in a threaded context. The vulnerability can result in Shescape escaping or quoting for the wrong shell, thus allowing attackers to bypass protections depending on the combination of expecte...
CVE-2023-40185 Shescape on Windows escaping may be bypassed in threaded context
shescape is simple shell escape library for JavaScript. This may impact users that use Shescape on Windows in a threaded context. The vulnerability can result in Shescape escaping or quoting for the wrong shell, thus allowing attackers to bypass protections depending on the combination of expecte...
CVE-2023-40185
CVE-2023-40185 affects the JavaScript library shescape. In Windows threaded contexts, shescape may escape or quote for the wrong shell, potentially bypassing protections intended for shell commands. The issue has been patched in version 1.7.4. Public references from multiple sources (GitHub advis...
GHSA-J55R-787P-M549 Shescape on Windows escaping may be bypassed in threaded context
Impact This may impact users that use Shescape on Windows in a threaded context e.g. using Worker threads. The vulnerability can result in Shescape escaping or quoting for the wrong shell, thus allowing attackers to bypass protections depending on the combination of expected and used shell. This...
Shescape on Windows escaping may be bypassed in threaded context
Impact This may impact users that use Shescape on Windows in a threaded context e.g. using Worker threads. The vulnerability can result in Shescape escaping or quoting for the wrong shell, thus allowing attackers to bypass protections depending on the combination of expected and used shell. This...
[SECURITY] Fedora 38 Update: python-yfinance-0.2.28-4.fc38
Ever since Yahoo! finance decommissioned their historical data API, many programs that relied on it to stop working. yfinance aims to solve this problem by offering a reliable, threaded, and Pythonic way to download historical market data from Yahoo! finance...
PT-2023-27313 · Shescape · Shescape
Name of the Vulnerable Software and Affected Versions: Shescape versions prior to 1.7.4 Description: The issue affects users of Shescape on Windows in a threaded context, allowing attackers to bypass protections by exploiting Shescape's failure to correctly escape for the expected shell. This can...
[SECURITY] Fedora 38 Update: kitty-0.29.1-1.fc38
Offloads rendering to the GPU for lower system load and buttery smooth scrolling. Uses threaded rendering to minimize input latency. - Supports all modern terminal features: graphics images, unicode, true-col or, OpenType ligatures, mouse protocol, focus tracking, bracketed paste and several new...
Fedora: Security Advisory for mariadb (FEDORA-2023-b4ff407364)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...