21727 matches found
ypserv allows a local user to modify the GECOS and login shells of other users.
...
ypserv allows local administrators to modify password tables.
...
Race condition in xterm allows local users to modify arbitrary files via the logging option.
...
In older versions of Sendmail, an attacker could use a pipe character to execute root commands.
...
mtd: rawnand: stm32_fmc2: avoid overlapping mappings on ECC buffer
...
net: phylink: add lock for serializing concurrent pl->phydev writes with resolver
...
af_unix: Fix null-ptr-deref in unix_stream_sendpage().
...
can: j1939: implement NETDEV_UNREGISTER notification handler
...
mm/vmalloc, mm/kasan: respect gfp mask in kasan_populate_vmalloc()
...
i40e: remove read access to debugfs files
...
ceph: fix race condition validating r_parent before applying state
...
hv_netvsc: Don't free decrypted memory
...
Drivers: hv: vmbus: Don't free ring buffers that couldn't be re-encrypted
...
net: hns3: fix kernel crash when devlink reload during initialization
...
net: hns3: fix kernel crash when devlink reload during pf initialization
...
Timing side-channel in SM2 algorithm on 64 bit ARM
...
A buffer overflow occurs in pytorch v2.7.0 when a PyTorch model consists of torch.nn.Conv2d, torch.nn.functional.hardshrink, and torch.Tensor.view-torch.mv() and is compiled by Inductor, leading to a Denial of Service (DoS).
...
In PyTorch before 2.7.0, when torch.compile is used, FractionalMaxPool2d has inconsistent results.
...
A Name Error occurs in pytorch v2.7.0 when a PyTorch model consists of torch.cummin and is compiled by Inductor, leading to a Denial of Service (DoS).
...
In PyTorch before 2.7.0, when inductor is used, nn.Fold has an assertion error.
...
PyTorch before 3.7.0 has a bernoulli_p decompose function in decompositions.py even though it lacks full consistency with the eager CPU implementation, negatively affecting nn.Dropout1d, nn.Dropout2d, and nn.Dropout3d for fallback_random=True.
...
GNU Binutils objdump.c dump_dwarf_section out-of-bounds
...
leds: mlxreg: Use devm_mutex_init() for mutex initialization
...
leds: an30259a: Use devm_mutex_init() for mutex initialization
...
net/mlx5e: Avoid field-overflowing memcpy()
...
The filename of uploaded files vulnerable to stored XSS in Bolt CMS
...
CSRF issue on preview pages in Bolt CMS
...
GNU Bison before 3.5.4 allows attackers to cause a denial of service (application crash). NOTE: there is a risk only if Bison is used with untrusted input, and an observed bug happens to cause unsafe behavior with a specific compiler/architecture. The bug reports were intended to show that a crash may occur in Bison itself, not that a crash may occur in code that is generated by Bison.
...
In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion
...
Bolt before 3.6.10 has XSS via createFolder or createFile in Controller/Async/FilesystemManager.php
...
Bolt before 3.6.10 has XSS via an image's alt or title field.
...
Bolt before 3.6.10 has XSS via a title that is mishandled in the system log
...
PC-Doctor Toolbox before 7.3 has an Uncontrolled Search Path Element.
...
WAVE.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service
...
Integer overflow in modules/MSADPCM.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.
...
Integer overflow in sfcommands/sfconvert.c in Audio File Library
...
Heap-based buffer overflow in the Expand3To4Module::run function in libaudiofile/modules/SimpleModule.h in Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0 allows remote attackers to cause a denial of service (crash) via a crafted file.
...
Heap-based buffer overflow in the decodeBlock in MSADPCM.cpp in Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0, 0.2.7 allows remote attackers to cause a denial of service (crash) via a crafted file.
...
Heap-based buffer overflow in the ulaw2linear_buf function in G711.cpp in Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0, 0.2.7 allows remote attackers to cause a denial of service (crash) via a crafted file.
...
Vulnerability in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service via a crafted file.
...
Vulnerability in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service
...
Heap-based buffer overflow in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service
...
The decodeSample function in IMA.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.
...
Heap-based buffer overflow in audiofile allows remote attackers to have unspecified impact
...
Heap-based buffer overflow in the decodeBlockWAVE function in IMA.cpp in Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0 and 0.2.7 allows remote attackers to cause a denial of service (crash) via a crafted file.
...
libplist allows attackers to cause a denial of service (large memory allocation and crash) via vectors involving an offset size of zero.
...
The parse_dict_node function in bplist.c in libplist allows attackers to cause a denial of service
...
The plist_free_data function in libplist allows attackers to cause a denial of service
...
Heap-based buffer overflow in audiofile allows remote attackers to have unspecified impact via a crafted audio file
...
The _xrealloc function in xlsp_xmalloc.c in OpenSLP 2.0.0 allows remote attackers to cause a denial of service
...