CVSS: 3.9EPSS: 0%CPEs: 8EXPL: 0CVE-2024-45616 – Libopensc: uninitialized values after incorrect check or usage of apdu response values in libopensc
https://notcve.org/view.php?id=CVE-2024-45616
03 Sep 2024 — A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accessed. A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a s... • https://access.redhat.com/security/cve/CVE-2024-45616 • CWE-457: Use of Uninitialized Variable •
CVSS: 3.9EPSS: 0%CPEs: 8EXPL: 0CVE-2024-45615 – Libopensc: pkcs15init: usage of uninitialized values in libopensc and pkcs15init
https://notcve.org/view.php?id=CVE-2024-45615
03 Sep 2024 — A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accessed. A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. The problem is missing initialization of variables expected to be initialized (as arguments to ot... • https://access.redhat.com/security/cve/CVE-2024-45615 • CWE-457: Use of Uninitialized Variable •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2024-45508 – Ubuntu Security Notice USN-7225-1
https://notcve.org/view.php?id=CVE-2024-45508
01 Sep 2024 — HTMLDOC before 1.9.19 has an out-of-bounds write in parse_paragraph in ps-pdf.cxx because of an attempt to strip leading whitespace from a whitespace-only node. HTMLDOC anterior a 1.9.19 tiene una escritura fuera de los límites en parse_paragraph en ps-pdf.cxx debido a un intento de eliminar los espacios iniciales de un nodo que solo contiene espacios en blanco. It was discovered that HTMLDOC incorrectly handled memory in the image_set_mask, git_read_lzw, write_header and write_node functions, which could l... • https://github.com/michaelrsweet/htmldoc/blob/2d5b2ab9ddbf2aee2209010cebc11efdd1cab6e2/CHANGES.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 22EXPL: 0CVE-2024-45491 – libexpat: Integer Overflow or Wraparound
https://notcve.org/view.php?id=CVE-2024-45491
30 Aug 2024 — An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX). An issue was found in libexpat’s internal dtdCopy function in xmlparse.c, It can have an integer overflow for nDefaultAtts on 32-bit platforms where UINT_MAX equals SIZE_MAX. Shang-Hung Wan discovered that Expat, contained within the xmltok library, did not properly handle certain function calls when a negative input length was provided. ... • https://github.com/libexpat/libexpat/issues/888 • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 0%CPEs: 22EXPL: 1CVE-2024-45492 – libexpat: integer overflow
https://notcve.org/view.php?id=CVE-2024-45492
30 Aug 2024 — An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX). A flaw was found in libexpat's internal nextScaffoldPart function in xmlparse.c. It can have an integer overflow for m_groupSize on 32-bit platforms where UINT_MAX equals SIZE_MAX. This update for mozjs115 fixes the following issues. Fixed negative len for XML_ParseBuffer in embedded expat. • https://github.com/nidhihcl75/external_expat_2.6.2_CVE-2024-45492 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 0%CPEs: 21EXPL: 0CVE-2024-45490 – libexpat: Negative Length Parsing Vulnerability in libexpat
https://notcve.org/view.php?id=CVE-2024-45490
30 Aug 2024 — An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer. A flaw was found in libexpat's xmlparse.c component. This vulnerability allows an attacker to cause improper handling of XML data by providing a negative length value to the XML_ParseBuffer function. Shang-Hung Wan discovered that Expat, contained within the xmltok library, did not properly handle certain function calls when a negative input length was provided. An attacker could use this issu... • https://github.com/libexpat/libexpat/issues/887 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2024-41996 – openSUSE Security Advisory - openSUSE-SU-2024:14366-1
https://notcve.org/view.php?id=CVE-2024-41996
26 Aug 2024 — Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key. This update for ... • https://dheatattack.gitlab.io/details • CWE-295: Improper Certificate Validation •
CVSS: 7.8EPSS: 2%CPEs: 26EXPL: 0CVE-2024-4453 – GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-4453
17 May 2024 — GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of EXIF metadata. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before... • https://gitlab.freedesktop.org/tpm/gstreamer/-/commit/e68eccff103ab0e91e6d77a892f57131b33902f5 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 15%CPEs: 12EXPL: 0CVE-2024-4340 – Passing a heavily nested list to sqlparse.parse() leads to a Denial of Service due to RecursionError.
https://notcve.org/view.php?id=CVE-2024-4340
30 Apr 2024 — Passing a heavily nested list to sqlparse.parse() leads to a Denial of Service due to RecursionError. Pasar una lista muy anidada a sqlparse.parse() conduce a una denegación de servicio debido a RecursionError. A flaw was found in sqlparse. This issue occurs in a heavily nested list in sqlparse.parse(), where a recursion error may be triggered, which can lead to a denial of service. It was discovered that SQL parse incorrectly handled certain nested lists. • https://github.com/advisories/GHSA-2m57-hf25-phgg • CWE-674: Uncontrolled Recursion •
CVSS: 8.0EPSS: 0%CPEs: 4EXPL: 0CVE-2024-31755 – cjson: segmentation violation trigger through the second parameter of function cJSON_SetValuestring at cJSON.c
https://notcve.org/view.php?id=CVE-2024-31755
26 Apr 2024 — cJSON v1.7.17 was discovered to contain a segmentation violation, which can trigger through the second parameter of function cJSON_SetValuestring at cJSON.c. Se descubrió que cJSON v1.7.17 contiene una infracción de segmentación, que puede activarse a través del segundo parámetro de la función cJSON_SetValuestring en cJSON.c. A flaw was found in cJSON. This issue contains a segmentation violation, which can trigger through the second parameter of the cJSON_SetValuestring function at cJSON.c. An update that ... • https://github.com/DaveGamble/cJSON/issues/839 • CWE-476: NULL Pointer Dereference CWE-754: Improper Check for Unusual or Exceptional Conditions •