32 matches found
📄 Adobe DNG SDK Image Processing Logic
Proof of concept exploit that demonstrates a heap out-of-bounds read / write leading to memory corruption and potential code execution in the Image Processing Logic of Adobe DNG SDK versions prior to 1.7.1.2410...
EUVD-2021-1210
Malware in sbrugna...
SUSE CVE-2024-57921
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Add a lock when accessing the buddy trim function When running YouTube videos and Steam games simultaneously, the tester found a system hang / race condition issue with the multi-display configuration setting. Adding ...
DEBIAN-CVE-2024-57921
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Add a lock when accessing the buddy trim function When running YouTube videos and Steam games simultaneously, the tester found a system hang / race condition issue with the multi-display configuration setting. Adding ...
CVE-2024-57921 drm/amdgpu: Add a lock when accessing the buddy trim function
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Add a lock when accessing the buddy trim function When running YouTube videos and Steam games simultaneously, the tester found a system hang / race condition issue with the multi-display configuration setting. Adding ...
CVE-2024-57921
CVE-2024-57921 : In the Linux kernel, the AMDGPU/AMDGPU DRM buddy allocator had a race condition during trim, mitigated by adding a lock around buddy allocator trim function. The fix prevents a potential general protection fault and system hang when running mixed workloads (e.g., YouTube playback...
CVE-2024-57921
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Add a lock when accessing the buddy trim function When running YouTube videos and Steam games simultaneously, the tester found a system hang / race condition issue with the multi-display configuration setting. Adding ...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the trim function of the amddrmbuddy module not being properly locked, resulting in a race condition...
PT-2024-33779
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.58 Description: A vulnerability in the Linux kernel has been resolved. The issue is related to the wifi: ath9k htc module, where the skb trim function has a sanity check on the existing length of the skb,...
SUSE CVE-2010-2190
The 1 trim, 2 ltrim, 3 rtrim, and 4 substrreplace functions in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to obtain sensitive information memory contents by causing a userspace interruption of an internal function, related to the call time pass by reference...
CVE-2022-25927
A flaw was found in ua-parser-js. This issue could allow a malicious user to trigger a regular expression denial of service ReDoS via the trim function...
CVE-2022-25927
Versions of the package ua-parser-js from 0.7.30 and before 0.7.33, from 0.8.1 and before 1.0.33 are vulnerable to Regular Expression Denial of Service ReDoS via the trim function...
Design/Logic Flaw
Versions of the package ua-parser-js from 0.7.30 and before 0.7.33, from 0.8.1 and before 1.0.33 are vulnerable to Regular Expression Denial of Service ReDoS via the trim function...
CVE-2022-25927
Versions of the package ua-parser-js from 0.7.30 and before 0.7.33, from 0.8.1 and before 1.0.33 are vulnerable to Regular Expression Denial of Service ReDoS via the trim function...
UBUNTU-CVE-2022-25927
Versions of the package ua-parser-js from 0.7.30 and before 0.7.33, from 0.8.1 and before 1.0.33 are vulnerable to Regular Expression Denial of Service ReDoS via the trim function...
CVE-2022-25927
Versions of the package ua-parser-js from 0.7.30 and before 0.7.33, from 0.8.1 and before 1.0.33 are vulnerable to Regular Expression Denial of Service ReDoS via the trim function...
CVE-2022-25927
Versions of the package ua-parser-js from 0.7.30 and before 0.7.33, from 0.8.1 and before 1.0.33 are vulnerable to Regular Expression Denial of Service ReDoS via the trim function...
Regular Expression Denial Of Service (ReDoS)
ua-parser-js is vulnerable to Regular Expression Denial Of Service ReDoS. The vulnerability exists due to an insecure Regex pattern used for the str attribute in the trim function of ua-parser.js, which allows an attacker to crash the application by providing a maliciously crafted string...
Regular Expression Denial of Service (ReDoS)
Overview ua-parser-js is a lightweight JavaScript-based user-agent string parser. Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the trim function. PoC js const UAParser = require'ua-parser-js'; const count = 200000; //delay starts to be...
ua-parser-js 安全漏洞
ua-parser-js is a JavaScript-based parser for User-Agent strings. It can be used in a browser client-side or node.js server-side environment. Can also be used as a jQuery / Zepto plugin, Bower / Meteor package and RequireJS / AMD module . A security vulnerability exists in ua-parser-js versions...