Alertes de sécurité

3D Viewer Remote Code Execution Vulnerability

3D Viewer Remote Code Execution Vulnerability

A flaw was found in postgresql in versions before 13.3 before 12.7 before 11.12 before 10.17 and before 9.6.22. While modifying certain SQL array values missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

A security issue in nginx resolver was identified which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite resulting in worker process crash or potential other impact.

An Out-of-Bounds Read was discovered in arch/arm/mach-footbridge/personal-pci.c in the Linux kernel through 5.12.11 because of the lack of a check for a value that shouldn't be negative e.g. access to element -2 of an array aka CID-298a58e165e4.

An out-of-bounds write vulnerability was found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0. The flaw occurs while processing the 'VIRTIO_GPU_CMD_GET_CAPSET' command from the guest. It could allow a privileged guest user to crash the QEMU process on the host resulting in a denial of service condition or potential code execution with the privileges of the QEMU process.

An unlimited recursion in DxeCore in EDK II.

curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS 1.3 session ticket arrives over a connection. A malicious server can use this in rare unfortunate circumstances to potentially reach remote code execution in the client. When libcurl at run-time sets up support for TLS 1.3 session tickets on a connection using OpenSSL it stores pointers to the transfer in-memory object for later retrieval when a session ticket arrives. If the connection is used by multiple transfers (like with a reused HTTP/1.1 connection or multiplexed HTTP/2 connection) that first transfer object might be freed before the new session is established on that connection and then the function will access a memory buffer that might be freed. When using that memory libcurl might even call a function pointer in the object making it possible for a remote code execution if the server could somehow manage to get crafted memory content into the correct

Infinite loop in DVB-S2-BB dissector in Wireshark 3.4.0 to 3.4.5 allows denial of service via packet injection or crafted capture file

Lasso all versions prior to 2.7.0 has improper verification of a cryptographic signature.

Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm and the window size is not chosen appropriately. This for example affects use of ElGamal in OpenPGP.

Libjpeg-turbo all version have a stack-based buffer overflow in the "transform" component. A remote attacker can send a malformed jpeg file to the service and cause arbitrary code execution or denial of service of the target service.

lrzsz before version 0.12.21~rc can leak information to the receiving side due to an incorrect length check in the function zsdata that causes a size_t to wrap around.

Microsoft Defender Remote Code Execution Vulnerability

Microsoft DWM Core Library Elevation of Privilege Vulnerability

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

Microsoft Excel Remote Code Execution Vulnerability

Microsoft Intune Management Extension Remote Code Execution Vulnerability

Microsoft Office Graphics Remote Code Execution Vulnerability

Microsoft Office Graphics Remote Code Execution Vulnerability

Microsoft Outlook Remote Code Execution Vulnerability

Microsoft SharePoint Server Remote Code Execution Vulnerability

Microsoft SharePoint Server Remote Code Execution Vulnerability

Microsoft SharePoint Server Remote Code Execution Vulnerability

Microsoft SharePoint Server Spoofing Vulnerability

Microsoft SharePoint Server Spoofing Vulnerability

Microsoft SharePoint Server Spoofing Vulnerability

Microsoft VsCode Kubernetes Tools Extension Elevation of Privilege Vulnerability

mod_auth_digest possible stack overflow by one nul byte

mod_proxy_http NULL pointer dereference

mod_session NULL pointer dereference

NULL pointer dereference on specially crafted HTTP/2 request

Paint 3D Remote Code Execution Vulnerability

Paint 3D Remote Code Execution Vulnerability

Paint 3D Remote Code Execution Vulnerability

Repository credentials passed to alternate domain

Server for NFS Denial of Service Vulnerability

Server for NFS Information Disclosure Vulnerability

Server for NFS Information Disclosure Vulnerability

VP9 Video Extensions Remote Code Execution Vulnerability

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

Windows Common Log File System Driver Elevation of Privilege Vulnerability

Windows Filter Manager Elevation of Privilege Vulnerability

Windows GPSVC Elevation of Privilege Vulnerability

Windows Hyper-V Denial of Service Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

Windows MSHTML Platform Remote Code Execution Vulnerability

Windows NTFS Elevation of Privilege Vulnerability

Windows NTLM Elevation of Privilege Vulnerability