Month: August 2023

A Use After Free vulnerability in Fedora Linux kernel 5.9.0-rc9 allows attackers to obatin sensitive information via vgacon_invert_region() function. Continue reading CVE-2020-27418 (fedora_linux_kernel)→

An issue was discovered in json-c through 0.15-20200726. A stack-buffer-overflow exists in the function parseit located in json_parse.c. It allows an attacker to cause code Execution. Continue reading CVE-2021-32292 (json-c)→

dpic 2021.04.10 has a use-after-free in thedeletestringbox() function in dpic.y. A different vulnerablility than CVE-2021-32421. Continue reading CVE-2021-33390 (dpic)→

dpic 2021.04.10 has a Heap Buffer Overflow in themakevar() function in dpic.y Continue reading CVE-2021-33388 (dpic)→

dpic 2021.01.01 has a Global buffer overflow in theyylex() function in main.c and reads out of the bound array. Continue reading CVE-2021-32422 (dpic)→

dpic 2021.01.01 has a Heap Use-After-Free in thedeletestringbox() function in dpic.y. Continue reading CVE-2021-32421 (dpic)→

dpic 2021.01.01 has a Heap-based Buffer Overflow in thestorestring function in dpic.y. Continue reading CVE-2021-32420 (dpic)→

Buffer overflow vulnerability in c-ares before 1_16_1 thru 1_17_0 via function ares_parse_soa_reply in ares_parse_soa_reply.c. Continue reading CVE-2020-22217 (c-ares, debian_linux)→

A memory leak issue discovered in /pdf/pdf-font-add.c in Artifex Software MuPDF 1.17.0 allows attackers to obtain sensitive information. Continue reading CVE-2020-26683 (mupdf)→

An issue was discovered in spice-server spice-server-0.14.0-6.el7_6.1.x86_64 of Redhat’s VDI product. There is a security vulnerablility that can restart KVMvirtual machine without any authorization. It is not yet known if there will be other other eff… Continue reading CVE-2020-23793 (spice-server)→