CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-57660
https://notcve.org/view.php?id=CVE-2024-57660
14 Jan 2025 — An issue in the sqlo_expand_jts component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. • https://github.com/openlink/virtuoso-opensource/issues/1221 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-57661
https://notcve.org/view.php?id=CVE-2024-57661
14 Jan 2025 — An issue in the sqlo_df component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. • https://github.com/openlink/virtuoso-opensource/issues/1220 • CWE-404: Improper Resource Shutdown or Release •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-57662
https://notcve.org/view.php?id=CVE-2024-57662
14 Jan 2025 — An issue in the sqlg_hash_source component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. • https://github.com/openlink/virtuoso-opensource/issues/1217 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-57663
https://notcve.org/view.php?id=CVE-2024-57663
14 Jan 2025 — An issue in the sqlg_place_dpipes component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. • https://github.com/openlink/virtuoso-opensource/issues/1218 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-57664
https://notcve.org/view.php?id=CVE-2024-57664
14 Jan 2025 — An issue in the sqlg_group_node component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. • https://github.com/openlink/virtuoso-opensource/issues/1211 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.6EPSS: 0%CPEs: 6EXPL: 0CVE-2024-56827 – Openjpeg: heap buffer overflow in lib/openjp2/j2k.c
https://notcve.org/view.php?id=CVE-2024-56827
09 Jan 2025 — A flaw was found in the OpenJPEG project. A heap buffer overflow condition may be triggered when certain options are specified while using the opj_decompress utility. This can lead to an application crash or other undefined behavior. Multiple vulnerabilities have been discovered in openjpeg2, the open-source JPEG 2000 codec, which could result in denial of service or the execution of arbitrary code if malformed images are opened. • https://access.redhat.com/security/cve/CVE-2024-56827 • CWE-122: Heap-based Buffer Overflow •
CVSS: 5.6EPSS: 0%CPEs: 10EXPL: 0CVE-2024-56826 – Openjpeg: heap buffer overflow in bin/common/color.c
https://notcve.org/view.php?id=CVE-2024-56826
09 Jan 2025 — A flaw was found in the OpenJPEG project. A heap buffer overflow condition may be triggered when certain options are specified while using the opj_decompress utility. This can lead to an application crash or other undefined behavior. Multiple vulnerabilities have been discovered in openjpeg2, the open-source JPEG 2000 codec, which could result in denial of service or the execution of arbitrary code if malformed images are opened. • https://access.redhat.com/security/cve/CVE-2024-56826 • CWE-122: Heap-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 32EXPL: 0CVE-2025-0242 – firefox: thunderbird: Memory safety bugs fixed in Firefox 134, Thunderbird 134, Firefox ESR 115.19, Firefox ESR 128.6, Thunderbird 115.19, and Thunderbird 128.6
https://notcve.org/view.php?id=CVE-2025-0242
07 Jan 2025 — Memory safety bugs present in Firefox 133, Thunderbird 133, Firefox ESR 115.18, Firefox ESR 128.5, Thunderbird 115.18, and Thunderbird 128.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, and Firefox ESR < 115.19. Memory safety bugs present in Firefox 133, Thunderbird 133, Firefox ESR 115.18, Firefox ESR 128.5, Thunderbird 115.18, and ... • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1874523%2C1926454%2C1931873%2C1932169 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 32EXPL: 0CVE-2025-0238 – firefox: thunderbird: Use-after-free when breaking lines in text
https://notcve.org/view.php?id=CVE-2025-0238
07 Jan 2025 — Assuming a controlled failed memory allocation, an attacker could have caused a use-after-free, leading to a potentially exploitable crash. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, and Firefox ESR < 115.19. Assuming a controlled failed memory allocation, an attacker could have caused a use-after-free, leading to a potentially exploitable crash. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Firefox ESR < 115.19, Thunderbird < 134, and Thunderbird < 128.6. A flaw was fou... • https://bugzilla.mozilla.org/show_bug.cgi?id=1915535 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2024-52949 – iptraf-ng: buffer overflow via ifaces.c
https://notcve.org/view.php?id=CVE-2024-52949
16 Dec 2024 — iptraf-ng 1.2.1 has a stack-based buffer overflow. iptraf-ng 1.2.1 has a stack-based buffer overflow. In src/ifaces.c, the strcpy function consistently fails to control the size, and it is consequently possible to overflow memory on the stack. An update for iptraf-ng is now available for Red Hat Enterprise Linux 9. Issues addressed include a buffer overflow vulnerability. • https://github.com/iptraf-ng/iptraf-ng/releases/tag/v1.2.1 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-121: Stack-based Buffer Overflow •