A vulnerability exists in Sitecore Experience Manager (XM), Experience Platform (XP), Experience Commerce (XC), and Managed Cloud that could allow an unauthenticated attacker to read arbitrary files.
A heap-based buffer overflow vulnerability exists in the lossless_jpeg_load_raw functionality of LibRaw Commit 0b56545 and Commit d20315b. A specially crafted malicious file can lead to a heap buffer
In the Linux kernel, the following vulnerability has been resolved:
smb: server: fix active_num_conn leak on transport allocation failure
Commit 77ffbcac4e56 ("smb: server: fix leak of active_num_co
A flaw was found in the Linux kernel's ksmbd component. A memory leak can occur if a client sends a session setup request with an unknown NTLMSSP message type, potentially leading to resource exhaust
In the Linux kernel, the following vulnerability has been resolved:
f2fs: fix to avoid memory leak in f2fs_rename()
syzbot reported a f2fs bug as below:
BUG: memory leak
unreferenced object 0xffff8
A flaw was found in GStreamer's WavPack audio decoder in gst-plugins-good. When processing a specially crafted WavPack file, an integer overflow in the buffer size calculation (4 * block_samples * cha
A flaw was found in the GStreamer gst-plugins-bad package. When processing a malformed H.266/VVC video stream with a crafted aspect ratio indicator value, the H.266 parser performs an out-of-bounds re
In the Linux kernel, the following vulnerability has been resolved:
smb: client: let recv_done verify data_offset, data_length and remaining_data_length
This is inspired by the related server fixes.
A heap buffer overflow vulnerability in FFmpeg before commit 4bf784c allows attackers to trigger a memory corruption via supplying a crafted media file in avformat when processing tile grid group stre
In the Linux kernel, the following vulnerability has been resolved:
configfs: fix possible memory leak in configfs_create_dir()
kmemleak reported memory leaks in configfs_create_dir():
unreferenced
A vulnerability has been found in gmg137 snap7-rs up to 1.142.1. Affected is the function snap7_rs::client::S7Client::as_ct_write of the file /tests/snap7-rs/src/client.rs. The manipulation leads to h
A flaw was found in grub2. When reading data from a jfs filesystem, grub's jfs filesystem module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, how
In Modem, there is a possible read of uninitialized heap data due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the
A security flaw has been discovered in Nothings stb_image up to 2.30. This affects the function stbi__gif_load_next of the file stb_image.h of the component Multi-frame GIF File Handler. The manipulat
In the Linux kernel, the following vulnerability has been resolved:
f2fs: use global inline_xattr_slab instead of per-sb slab cache
As Hong Yun reported in mailing list:
loop7: detected capacity ch
In the Linux kernel, the following vulnerability has been resolved:
btrfs: fix btrfs_ioctl_space_info() slot_count TOCTOU which can lead to info-leak
btrfs_ioctl_space_info() has a TOCTOU race betwe
In the Linux kernel, the following vulnerability has been resolved:
fs/ntfs3: provide block_invalidate_folio to fix memory leak
The ntfs3 filesystem lacks the 'invalidate_folio' method and it causes
A heap-based buffer overflow vulnerability exists in a Network management service of AOS-8 and AOS-10 that could allow an unauthenticated remote attacker to achieve remote code execution. Successful e
Creolabs Gravity before 0.9.6 contains a heap buffer overflow vulnerability in the gravity_vm_exec function that allows attackers to write out-of-bounds memory by crafting scripts with many string lit
A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using the `vm` module with the timeout option. Under specific timing conditions, buff
← Previous Page 5