Page 28 of 38443 results (0.391 seconds)

CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0

Due to improperly tracked allocation size in _XkbSetCompatMap, a local attacker may be able to trigger a buffer overflow condition via a specially crafted payload, leading to denial of service or local privilege escalation in distributions where the X.org server is run with root privileges. ... This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of XkbSetCompatMap requests. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. • https://access.redhat.com/security/cve/CVE-2024-9632 https://bugzilla.redhat.com/show_bug.cgi?id=2317233 https://access.redhat.com/errata/RHSA-2024:8798 https://access.redhat.com/errata/RHSA-2024:9579 https://access.redhat.com/errata/RHSA-2024:9601 • CWE-122: Heap-based Buffer Overflow •

CVSS: 6.5EPSS: 0%CPEs: -EXPL: 1

Affected is the function add/edit of the file www/coreframe/app/content/admin/block.php. ... Inicialmente, el investigador creó dos problemas separados para las diferentes llamadas de función. • https://github.com/wuzhicms/wuzhicms/issues/209 https://vuldb.com/?ctiid.282444 https://vuldb.com/?id.282444 https://vuldb.com/?submit.427401 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 5.5EPSS: 0%CPEs: -EXPL: 0

An issue in radare2 v5.8.0 through v5.9.4 allows a local attacker to cause a denial of service via the __bf_div function. • https://github.com/St-Andrews-Bug-Busters/Vuln_info/blob/main/radare2/CVE-2024-48241.md https://github.com/radareorg/radare2/issues/23317 https://github.com/radareorg/radare2/pull/23318 • CWE-787: Out-of-bounds Write •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

When a remote client closes the connection before waitress has had the opportunity to call getpeername() waitress won't correctly clean up the connection leading to the main thread attempting to write to a socket that no longer exists, but not removing it from the list of sockets to attempt to process. ... A remote attacker could run waitress out of available sockets with very little resources required. • https://github.com/Pylons/waitress/commit/1ae4e894c9f76543bee06584001583fc6fa8c95c https://github.com/Pylons/waitress/issues/418 https://github.com/Pylons/waitress/pull/435 https://github.com/Pylons/waitress/security/advisories/GHSA-3f84-rpwh-47g6 • CWE-772: Missing Release of Resource after Effective Lifetime •

CVSS: 4.9EPSS: 0%CPEs: -EXPL: 0

A vulnerability in the GraphCypherQAChain class of langchain-ai/langchain version 0.2.5 allows for SQL injection through prompt injection. This vulnerability can lead to unauthorized data manipulation, data exfiltration, denial of service (DoS) by deleting all data, breaches in multi-tenant security environments, and data integrity issues. Attackers can create, update, or delete nodes and relationships without proper authorization, extract sensitive data, disrupt services, access data across different tenants, and compromise the integrity of the database. • https://github.com/langchain-ai/langchain/commit/c2a3021bb0c5f54649d380b42a0684ca5778c255 https://huntr.com/bounties/8f4ad910-7fdc-4089-8f0a-b5df5f32e7c5 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •