Security
Headlines
HeadlinesLatestCVEs

Tag

#c++

CVE-2023-37769: FPE in stress-test (#76) · Issues · Pixman / pixman · GitLab

stress-test master commit e4c878 was discovered to contain a FPE vulnerability via the component combine_inner at /pixman-combine-float.c.

CVE
Open in Source
#vulnerability#ubuntu#git#c++
CVE-2023-38252: [BUG] Out of bound read in Strnew_size , Str.c:61 · Issue #270 · tats/w3m

An out-of-bounds read flaw was found in w3m, in the Strnew_size function in Str.c. This issue may allow an attacker to cause a denial of service through a crafted HTML file.

CVE-2023-37836: two bug in jpeg encoding · Issue #87 · thorfdbg/libjpeg

libjpeg commit db33a6e was discovered to contain a reachable assertion via BitMapHook::BitMapHook at bitmaphook.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file.

CVE-2023-37837: two bug in jpeg encoding · Issue #87 · thorfdbg/libjpeg

libjpeg commit db33a6e was discovered to contain a heap buffer overflow via LineBitmapRequester::EncodeRegion at linebitmaprequester.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file.

Uncovering weaknesses in Apple macOS and VMWare vCenter: 12 vulnerabilities in RPC implementation

Uncovered issues fall into use-after-free, buffer-overflow, information leak and denial of service vulnerability classes. Some of these could be combined to achieve remote code execution or privilege escalation.

Botan C++ Crypto Algorithms Library 3.1.1

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference. This is the current stable release.

Ransomware review: July 2023

Categories: Threat Intelligence Following a three-month lull of activity, Cl0p returned with a vengeance in June and beat out LockBit as the month’s most active ransomware gang. (Read more...) The post Ransomware review: July 2023 appeared first on Malwarebytes Labs.

Criminals target businesses with malicious extension for Meta's Ads Manager and accidentally leak stolen accounts

Categories: Threat Intelligence Tags: Meta Tags: Facebook Tags: malware Tags: ads manager Tags: chrome Tags: extension A group of criminals is actively targeting Facebook business users to gain access to their advertising accounts via malicious Chrome extensions. But we spotted that they made a mistake... (Read more...) The post Criminals target businesses with malicious extension for Meta's Ads Manager and accidentally leak stolen accounts appeared first on Malwarebytes Labs.

CVE-2023-37765: SEGV on unknown address 0x000000000003(0x000000000009) · Issue #2515 · gpac/gpac

GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the gf_dump_vrml_sffield function at /lib/libgpac.so.

CVE-2023-37174: SEGV on unknown address 0x000000012c29 · Issue #2505 · gpac/gpac

GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the dump_isom_scene function at /mp4box/filedump.c.