CLSA-2022-1665680212 Fixed CVEs in vim: CVE-2022-3296, CVE-2022-3324

CVE-2022-3296: check CSFTRY can be found - CVE-2022-3324: make sure the window width does not become negative...

Fixed CVEs in vim: CVE-2022-3296, CVE-2022-3324

CVE-2022-3296: check CSFTRY can be found - CVE-2022-3324: make sure the window width does not become negative...

September 30, 2022—KB5017389 (OS Build 22621.608) Preview

September 30, 2022—KB5017389 OS Build 22621.608 Preview For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 11, version 22H2, see its update history page.Note Follow @WindowsUpdate to...

PT-2022-33566 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.2 Description: The issue concerns the handling of periods in the pwm: lpc18xx component. It was introduced in version v4.3 and fixed in version v5.19.2. The actual impact and attack plausibility have not y...

DEBIAN-CVE-2021-4216

A Floating point exception division-by-zero flaw was found in Mupdf for zero width pages in muraster.c. It is fixed in Mupdf-1.20.0-rc1 upstream...

UBUNTU-CVE-2021-4216

A Floating point exception division-by-zero flaw was found in Mupdf for zero width pages in muraster.c. It is fixed in Mupdf-1.20.0-rc1 upstream...

CVE-2021-4216

A Floating point exception division-by-zero flaw was found in Mupdf for zero width pages in muraster.c. It is fixed in Mupdf-1.20.0-rc1 upstream...

Artifex Software MuPDF 数字错误漏洞

Artifex Software MuPDF is a free, lightweight PDF reader from Artifex Software, USA. A security vulnerability exists in Artifex Software MuPDF, which stems from a floating point exception divisible by 0 in the 0 width page of its muraster.c component...

PT-2022-11547 · Mupdf +2 · Mupdf +2

Name of the Vulnerable Software and Affected Versions: Mupdf versions prior to 1.20.0-rc1 Description: A Floating point exception division-by-zero flaw was found in Mupdf for zero width pages in muraster.c. Recommendations: For versions prior to 1.20.0-rc1, update to Mupdf-1.20.0-rc1 or later to...

Mapbox buffer overflow vulnerability

Mapbox is a location data platform for mobile and Web applications from Mapbox, Inc. A buffer overflow vulnerability exists in versions prior to Mapbox gl-native 10.6.1, which stems from excessive image height and width values when creating new images, and can be exploited to cause Mapbox process...

Mapbox is vulnerable to Integer Overflow

An integer overflow exists in Mapbox's closed source gl-native library prior to version 10.6.1, which is bundled with multiple Mapbox products including open source libraries. The overflow is caused by large image height and width values when creating a new Image and allows for out of bounds...

CVE-2022-38216

An integer overflow exists in Mapbox's closed source gl-native library prior to version 10.6.1, which is bundled with multiple Mapbox products including open source libraries. The overflow is caused by large image height and width values when creating a new Image and allows for out of bounds...

Mapbox 输入验证错误漏洞

Mapbox is a location data platform for mobile and Web applications from Mapbox, Inc. A buffer overflow vulnerability exists in versions prior to Mapbox gl-native 10.6.1, which stems from excessive image height and width values when creating new images, and can be exploited to cause Mapbox process...

Avoiding <img> layout shifts: aspect-ratio vs width & height attributes

By default, an takes up zero space until the browser loads enough of the image to know its dimensions: &origin=source&to=/c/senna-d1c8a036.jpg When you run the demo, you'll see the immediately. Then, after a few seconds, this paragraph and subsequent page content shifts downwards to make room for...

QEMU: QXL: double fetch in qxl_cursor() can lead to heap buffer overflow

A flaw was found in the QXL display device emulation in QEMU. A double fetch of guest controlled values cursor-header.width and cursor-header.height can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. A malicious privileged guest user could use...

GHSA-XRP2-FHQ4-4Q3W Segfault if `tf.histogram_fixed_width` is called with NaN values in TensorFlow

Impact The implementation of tf.histogramfixedwidth is vulnerable to a crash when the values array contain NaN elements: python import tensorflow as tf import numpy as np tf.histogramfixedwidthvalues=np.nan, valuerange=1,2 The implementation assumes that all floating point operations are defined...

DEBIAN-CVE-2021-42614

A use after free in infowidthinternal in bkinfo.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have unspecified other impact via a crafted text document...

UBUNTU-CVE-2021-42614

A use after free in infowidthinternal in bkinfo.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have unspecified other impact via a crafted text document...

Halibut 资源管理错误漏洞

Halibut is a secure, RPC-based open source communication framework from the individual developers of Octopus Deploy. A security vulnerability exists in Halibut version 1.2, which stems from a post-release reuse issue in infowidthinternal in bkinfo.c. The vulnerability is caused by an unspecified...

PT-2022-11634 · Halibut +2 · Halibut +2

Name of the Vulnerable Software and Affected Versions: Halibut version 1.2 Description: A use after free in info width internal in bk info.c allows an attacker to cause a segmentation fault or possibly have unspecified other impact via a crafted text document. Recommendations: For Halibut version...