CVE-2024-41131

ImageSharp is a 2D graphics API. An Out-of-bounds Write vulnerability has been found in the ImageSharp gif decoder, allowing attackers to cause a crash using a specially crafted gif. This can potentially lead to denial of service. All users are advised to upgrade to v3.1.5 or v2.1.9...

CVE-2024-41131 Out-of-bounds Write in SixLabors ImageSharp

ImageSharp is a 2D graphics API. An Out-of-bounds Write vulnerability has been found in the ImageSharp gif decoder, allowing attackers to cause a crash using a specially crafted gif. This can potentially lead to denial of service. All users are advised to upgrade to v3.1.5 or v2.1.9...

CVE-2024-41131

CVE-2024-41131 describes an Out-of-bounds Write vulnerability in the ImageSharp gif decoder of SixLabors.ImageSharp, allowing an attacker to crash the application via a specially crafted GIF file, with potential denial of service. Affected component: ImageSharp GIF decoding path within the 2D gra...

CVE-2024-39316

Rack is a modular Ruby web server interface. Starting in version 3.1.0 and prior to version 3.1.5, Regular Expression Denial of Service ReDoS vulnerability exists in the Rack::Request::Helpers module when parsing HTTP Accept headers. This vulnerability can be exploited by an attacker sending...

Internet Bug Bounty: ReDoS Vulnerability in HTTP Accept Headers Parsing

A Regular Expression Denial of Service ReDoS vulnerability was discovered in the Rack::Request::Helpers module when parsing HTTP Accept headers. The vulnerability was caused by a lack of fix in the Rack v3.1 release series until v3.1.5...

CVE-2020-35216

An issue in Atomix v3.1.5 allows attackers to cause a denial of service DoS via false member down event messages...

CVE-2023-22436

The kernel subsystem function checkpermissionforsettokenid within OpenHarmony-v3.1.5 and prior versions has an UAF vulnerability which local attackers can exploit this vulnerability to escalate the privilege to root...

CVE-2023-22301

The kernel subsystem hmdfs within OpenHarmony-v3.1.5 and prior versions has an arbitrary memory accessing vulnerability which network attackers can launch a remote attack to obtain kernel memory data of the target system...

Memory corruption

The kernel subsystem hmdfs within OpenHarmony-v3.1.5 and prior versions has an arbitrary memory accessing vulnerability which network attackers can launch a remote attack to obtain kernel memory data of the target system...

Privilege escalation

The kernel subsystem function checkpermissionforsettokenid within OpenHarmony-v3.1.5 and prior versions has an UAF vulnerability which local attackers can exploit this vulnerability to escalate the privilege to root...

CVE-2023-22436 The kernel subsystem function check_permission_for_set_tokenid has an UAF vulnerability.

The kernel subsystem function checkpermissionforsettokenid within OpenHarmony-v3.1.5 and prior versions has an UAF vulnerability which local attackers can exploit this vulnerability to escalate the privilege to root...

CVE-2023-22301 The kernel subsystem hmdfs has a arbitrary memory accessing vulnerability.

The kernel subsystem hmdfs within OpenHarmony-v3.1.5 and prior versions has an arbitrary memory accessing vulnerability which network attackers can launch a remote attack to obtain kernel memory data of the target system...

CVE-2020-35213

An issue in Atomix v3.1.5 allows attackers to cause a denial of service DoS via false link event messages sent to a master ONOS node...

CVE-2020-35215

An issue in Atomix v3.1.5 allows attackers to access sensitive information when a malicious Atomix node queries distributed variable primitives which contain the entire primitive lists that ONOS nodes use to share important states...

CVE-2020-35214

An issue in Atomix v3.1.5 allows a malicious Atomix node to remove states of ONOS storage via abuse of primitive operations...

CVE-2020-35210

A vulnerability in Atomix v3.1.5 allows attackers to cause a denial of service DoS via a Raft session flooding attack using Raft OpenSessionRequest messages...

CVE-2020-35209

An issue in Atomix v3.1.5 allows unauthorized Atomix nodes to join a target cluster via providing configuration information...

An issue in Atomix v3.1.5 allows a malicious Atomix node to remove states of ONOS storage via abuse of primitive operations.

An issue in Atomix v3.1.5 allows a malicious Atomix node to remove states of ONOS storage via abuse of primitive operations...

A vulnerability in Atomix v3.1.5 allows attackers to cause a denial of service (DoS) via a Raft session flooding attack using Raft OpenSessionRequest messages.

A vulnerability in Atomix v3.1.5 allows attackers to cause a denial of service DoS via a Raft session flooding attack using Raft OpenSessionRequest messages...

An issue in Atomix v3.1.5 allows attackers to cause a denial of service (DoS) via false member down event messages.

An issue in Atomix v3.1.5 allows attackers to cause a denial of service DoS via false member down event messages...