36 matches found
Astra Linux - ŃŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ Š² linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: rtc: Check whether the rtcreadtime call was successful in rtctimerdowork. If the rtcreadtime call fails, the struct rtctime tm; structure may contain uninitialized data, or an illegal date/time reading from the RTC hardware may...
Exploit for CVE-2026-26833
CVE-2026-26833: OS command injection in thumbler Summary...
EUVD-2016-4844
Malware in sbrugna...
EUVD-2016-8007
Malware in sbrugna...
Security update for gnuplot
This update for gnuplot fixes the following issues: CVE-2025-31176: invalid read leads to segmentation fault on plot3dpoints bsc1240325. CVE-2025-31177: improper bounds check leads to heap-buffer overflow on utf8copyone bsc1240326. CVE-2025-31178: unvalidated user input leads to segmentation faul...
Security update for gnuplot
This update for gnuplot fixes the following issues: CVE-2025-31178: unvalidated user input leads to segmentation fault on GetAnnotateString bsc1240327. CVE-2025-31179: improper verification of time values leads to segmentation fault on xstrftime bsc1240328. CVE-2025-31181: double fclose call lead...
SUSE-SU-2025:01805-1 Security update for gnuplot
This update for gnuplot fixes the following issues: - CVE-2025-31178: unvalidated user input leads to segmentation fault on GetAnnotateString bsc1240327. - CVE-2025-31179: improper verification of time values leads to segmentation fault on xstrftime bsc1240328. - CVE-2025-31181: double fclose cal...
CVE-2024-56739 rtc: check if __rtc_read_time was successful in rtc_timer_do_work()
In the Linux kernel, the following vulnerability has been resolved: rtc: check if rtcreadtime was successful in rtctimerdowork If the rtcreadtime call fails,, the struct rtctime tm; may contain uninitialized data, or an illegal date/time read from the RTC hardware. When calling rtctmtoktime later...
SUSE CVE-2019-9209
In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the ASN.1 BER and related dissectors could crash. This was addressed in epan/dissectors/packet-ber.c by preventing a buffer overflow associated with excessive digits in time values...
In Notional case Redeemer's redeem() will not do the position redeeming
Lines of code Vulnerability details Currently no actual redeeeming is done in Notional case as maxRedeem is a balance view function that doesn't close the position. This way one more operation, the redeeming itself, is now committed and in Notional case Redeemer's redeem doesn't perform anything,...
Belloo Access Control Error Vulnerability
Belloo, a "high quality" dating software from Belloo, is vulnerable to an access control error that originates from the use of md5$time to generate password recovery code in requestsuser.php. An attacker could use this vulnerability to predict the time value on the server and could easily guess t...
jackson-modules-java8: DoS due to an Improper Input Validation
Fasterxml Jackson version Before 2.9.8 contains a CWE-20: Improper Input Validation vulnerability in Jackson-Modules-Java8 that can result in Causes a denial-of-service DoS. This attack appear to be exploitable via The victim deserializes malicious input, specifically very large values in the...
Moderate severity vulnerability that affects com.fasterxml.jackson.datatype:jackson-datatype-jsr353
Fasterxml Jackson version Before 2.9.8 contains a CWE-20: Improper Input Validation vulnerability in Jackson-Databind that can result in Causes a denial-of-service DoS. This attack appear to be exploitable via The victim deserializes malicious input, specifically very large values in the...
Input validation
Fasterxml Jackson version Before 2.9.8 contains a CWE-20: Improper Input Validation vulnerability in Jackson-Modules-Java8 that can result in Causes a denial-of-service DoS. This attack appear to be exploitable via The victim deserializes malicious input, specifically very large values in the...
CVE-2018-1000873
Fasterxml Jackson version Before 2.9.8 contains a CWE-20: Improper Input Validation vulnerability in Jackson-Modules-Java8 that can result in Causes a denial-of-service DoS. This attack appear to be exploitable via The victim deserializes malicious input, specifically very large values in the...
CVE-2017-5214
The Codextrous B2J Contact aka b2jcontact extension before 2.1.13 for Joomla! allows prediction of a uniqid value based on knowledge of a time value. This makes it easier to read arbitrary uploaded files...
CVE-2016-7129
The phpwddxprocessdata function in ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service segmentation fault or possibly have unspecified other impact via an invalid ISO 8601 time value, as demonstrated by a wddxdeserialize call that...
Code injection
The phpwddxprocessdata function in ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service segmentation fault or possibly have unspecified other impact via an invalid ISO 8601 time value, as demonstrated by a wddxdeserialize call that...
CVE-2016-7129
The phpwddxprocessdata function in ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service segmentation fault or possibly have unspecified other impact via an invalid ISO 8601 time value, as demonstrated by a wddxdeserialize call that...
CVE-2016-3831
The telephony component in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows remote attackers to cause a denial of service device crash via a NITZ time value of 2038-01-19 or later that is mishandled by the system clock, aka internal bug 29083635,...