
LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit cfbb883b. processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow via a crafted TIFF image. A vulner ...

[4.0.9-28] - Fix CVE-2022-48281 - Resolves: CVE-2022-48281

Multiple potential integer overflows in raw2tiff.c in libtiff <= 4.5.1 can allow remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted TIFF image which triggers a heap-based buffer overflow.

tiff: Tag Image File Format library Several security issues were fixed in LibTIFF.

tiff: Tag Image File Format library Several security issues were fixed in LibTIFF.

Redis is an in-memory database that persists on disk. Starting in version 7.0.8 and prior to version 7.0.10, authenticated users can use the MSETNX command to trigger a runtime assertion and termination of the Redis server process. The problem is fixed in Redis version 7.0.10. Authenticated users can use the HINCRBYFLOAT command to create an invalid hash field that may later crash Redis on access

html/template: improper sanitization of CSS values. Angle brackets were not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character could result in unexpectedly closing the CSS context and allowing for injection of unexpected HTML, if executed with untrusted input. html/template: improper handling of JavaScript whitespace. N ...

A heap-based buffer overflow flaw was found in Redis. This flaw allows an attacker to trick an authenticated user into executing a specially crafted Lua script in Redis. This attack triggers a heap overflow in the cjson and cmsgpack libraries, resulting in heap corruption and potential remote code execution

This update for redis fixes the following issues: * CVE-2022-24834: Fixed heap overflow in the cjson and cmsgpack libraries.

This update for redis fixes the following issues: * CVE-2023-28856: Fixed possible DoS when using HINCRBYFLOAT to create a hash field. * CVE-2022-24834: Fixed a heap overflow in the cjson and cmsgpack libraries.



© SecPod Technologies