21761 matches found
usb: typec: altmodes/displayport: do not index invalid pin_assignments
...
hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the H5Z__filter_scaleoffset function.
...
platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks
...
elfutils v0.189 was discovered to contain a NULL pointer dereference via the handle_verdef() function at readelf.c.
...
Possible private key restoration in go package github.com/ecies/go
...
usb: typec: displayport: Fix potential deadlock
...
perf/core: Exit early on perf_mmap() fail
...
drm/i915/gt: Fix timeline left held on VMA alloc error
...
x86/sev: Evict cache lines during SNP memory validation
...
eventpoll: Fix semi-unbounded recursion
...
clk: xilinx: vcu: unregister pll_post only if registered correctly
...
Extracting malicious crates can fill the file system
...
Path Traversal vulnerability in onnx.external_data_helper.save_external_data in ONNX 1.17.0 allows attackers to overwrite arbitrary files by supplying crafted external_data.location paths containing traversal sequences, bypassing intended directory restrictions.
...
ipv6: reject malicious packets in ipv6_gso_segment()
...
The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.
...
f2fs: fix to avoid UAF in f2fs_sync_inode_meta()
...
NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to initialize the container, where an attacker could execute arbitrary code with elevated permissions. A successful exploit of this vulnerability might lead to escalation of privileges, data tampering, information disclosure, and denial of service.
...
powerpc/eeh: Make EEH driver device hotplug safe
...
blk-throttle: Set BIO_THROTTLED when bio has been throttled
...
Libssh: use of uninitialized variable in privatekey_from_file()
...
Bluetooth: hci_sync: fix double free in 'hci_discovery_filter_clear()'
...
Improper sanitization of CSS values in html/template
...
Qemu: denial of service via improper synchronization in qemu nbd server during socket closure
...
RabbitMQ Node can log Basic Auth header from an HTTP request
...
Thor before 1.4.0 can construct an unsafe shell command from library input. NOTE: this is disputed by the Supplier because "the method that was fixed can only be used with arguments that are controlled by Thor, and there is no way an attacker can take control of those arguments."
...
Perl CryptX before version 0.087 contains a dependency that may be susceptible to an integer overflow
...
wifi: ath11k: clear initialized flag for deinit-ed srng lists
...
scsi: lpfc: Fix null pointer dereference after failing to issue FLOGI and PLOGI
...
GNU ncurses parse_entry.c postprocess_termcap stack-based overflow
...
net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing
...
Hunspell 1.7.0 has an invalid read operation in SuggestMgr::leftcommonsubstring in suggestmgr.cxx.
...
crypto: ccp - Fix crash when rebind ccp device for ccp.ko
...
Domain Name Validation Bypass with Apple Native Certificate Validation
...
staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc()
...
perf/core: Prevent VMA split of buffer mappings
...
In the OpenSSL compatibility layer implementation, the function RAND_poll() was not behaving as expected and leading to the potential for predictable values returned from RAND_bytes() after fork() is called. This can lead to weak or predictable random numbers generated in applications that are both using RAND_bytes() and doing fork() operations. This only affects applications explicitly calling RAND_bytes() after fork() and does not affect any internal TLS operations. Although RAND_bytes() documentation in OpenSSL calls out not being safe for use with fork() without first calling RAND_poll(), an additional code change was also made in wolfSSL to make RAND_bytes() behave similar to OpenSSL after a fork() call without calling RAND_poll(). Now the Hash-DRBG used gets reseeded after detecting running in a new process. If making use of RAND_bytes() and calling fork() we recommend updating to the latest version of wolfSSL. Thanks to Per Allansson from Appgate for the report.
...
Libxml: null pointer dereference leads to denial of service (dos)
...
Krb5: kerberos rc4-hmac-md5 checksum vulnerability enabling message spoofing via md5 collisions
...
In iperf before 3.19.1, iperf_auth.c has an off-by-one error and resultant heap-based buffer overflow.
...
In iperf before 3.19.1, iperf_auth.c has a Base64Decode assertion failure and application exit upon a malformed authentication attempt.
...
Improper handling of JavaScript whitespace in html/template
...
Net::Dropbear versions through 0.16 for Perl contains a dependency that may be susceptible to an integer overflow
...
Qemu-kvm: usb: assertion failure in usb_ep_get()
...
sunrpc: fix handling of server side tls alerts
...
The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::coded_input_stream::CodedInputStream::skip_group parsing of unknown fields in untrusted input.
...
WebAssembly Micro Runtime's `--addr-pool` option allows all IPv4 addresses when subnet mask is not specified
...
pptp: ensure minimal skb length in pptp_xmit()
...
f2fs: fix to avoid panic in f2fs_evict_inode
...
Insecure parsing of Windows paths with a \??\ prefix in path/filepath
...
A possible assertion failure when 'stale-answer-client-timeout' is set to '0'
...