Security
Headlines
HeadlinesLatestCVEs

Tag

#c++

RHSA-2023:3920: Red Hat Security Advisory: go-toolset-1.19 and go-toolset-1.19-golang security update

An update for go-toolset-1.19 and go-toolset-1.19-golang is now available for Red Hat Developer Tools. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-29402: The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses cgo. This may occur when running an untrusted module which contains directories with newline characters in their names. Modules which are retrieved using the go comma...

Red Hat Security Data
Open in Source
#vulnerability#web#linux#red_hat#nodejs#js#kubernetes#c++#aws#ibm
Red Hat Security Advisory 2023-3813-01

Red Hat Security Advisory 2023-3813-01 - An update for mtr-operator-bundle-container, mtr-operator-container, mtr-web-container, and mtr-web-executor-container is now available for Migration Toolkit for Runtimes 1 on RHEL 8.

CVE-2023-36271: [FUZZ] two bugs in dwg2SVG · Issue #681 · LibreDWG/libredwg

LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_wcs2nlen at bits.c.

CVE-2023-36272: [FUZZ] two bugs in dwg2SVG · Issue #681 · LibreDWG/libredwg

LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_utf8_to_TU at bits.c.

Red Hat Security Advisory 2023-3776-01

Red Hat Security Advisory 2023-3776-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.

CVE-2023-36192: heap-buffer-overflow on capture.c:923:9 · Issue #438 · irontec/sngrep

Sngrep v1.6.0 was discovered to contain a heap buffer overflow via the function capture_ws_check_packet at /src/capture.c.

CVE-2023-36193: heap-buffer-overflow in ambiguity_error · Issue #191 · kohler/gifsicle

Gifsicle v1.9.3 was discovered to contain a heap buffer overflow via the ambiguity_error component at /src/clp.c.

CVE-2023-36239: Allocation size overflow in parseSWF_DEFINEFONTINFO() at parser.c:1948 · Issue #273 · libming/libming

libming listswf 0.4.7 was discovered to contain a buffer overflow in the parseSWF_DEFINEFONTINFO() function at parser.c.

CVE-2023-36243: Memory allocation failure in xml_on_metadata_tag_only() at dump_xml.c:271 · Issue #19 · noirotm/flvmeta

FLVMeta v1.2.1 was discovered to contain a buffer overflow via the xml_on_metadata_tag_only function at dump_xml.c.

CVE-2023-36369: MonetDB server 11.46.0 crashes at `list_append` · Issue #7383 · MonetDB/MonetDB

An issue in the list_append component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.