The Matrix Resurrections review: Latest film instalment offers nostalgia but no denouement
via "The Daily Swig".
Déjà vu isn't what it used to be
Security done right: Celebrating infosec wins in 2021
via "The Daily Swig".
Kudos to Tonga’s ccTLD, the US Supreme Court, and others…
‼ CVE-2021-4193 ‼
via "National Vulnerability Database".
vim is vulnerable to Out-of-bounds Read
‼ CVE-2021-4192 ‼
via "National Vulnerability Database".
vim is vulnerable to Use After Free
‼ CVE-2021-45933 ‼
via "National Vulnerability Database".
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow (8 bytes) in MqttDecode_Publish (called from MqttClient_DecodePacket and MqttClient_HandlePacket).
‼ CVE-2021-45926 ‼
via "National Vulnerability Database".
MDB Tools (aka mdbtools) 0.9.2 has a stack-based buffer overflow (at 0x7ffd0c689be0) in mdb_numeric_to_string (called from mdb_xfer_bound_data and _mdb_attempt_bind).
‼ CVE-2021-45940 ‼
via "National Vulnerability Database".
libbpf 0.6.0 and 0.6.1 has a heap-based buffer overflow (4 bytes) in __bpf_object__open (called from bpf_object__open_mem and bpf-object-fuzzer.c).
‼ CVE-2021-45928 ‼
via "National Vulnerability Database".
libjxl before 0.6, as used in libvips 8.11 through 8.11.2 and other products, has an out-of-bounds write in jxl::ModularFrameDecoder::DecodeGroup (called from jxl::FrameDecoder::ProcessACGroup and jxl::ThreadPool::RunCallState<jxl::FrameDecoder::ProcessSections).
‼ CVE-2021-45934 ‼
via "National Vulnerability Database".
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttClient_HandlePacket and MqttClient_WaitType).
‼ CVE-2021-45930 ‼
via "National Vulnerability Database".
Qt SVG in Qt 5.0.0 through 6.2.1 has an out-of-bounds write in QtPrivate::QCommonArrayOps<QPainterPath::Element>::growAppend (called from QPainterPath::addPath and QPathClipper::intersect).
‼ CVE-2021-45943 ‼
via "National Vulnerability Database".
GDAL 3.3.0 through 3.4.0 has a heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile (called from PCIDSK::CPCIDSKSegment::ReadFromFile and PCIDSK::CPCIDSKBinarySegment::CPCIDSKBinarySegment).
‼ CVE-2021-44716 ‼
via "National Vulnerability Database".
net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.
‼ CVE-2021-45935 ‼
via "National Vulnerability Database".
Grok 9.5.0 has a heap-based buffer overflow in openhtj2k::T1OpenHTJ2K::decompress (called from std::__1::__packaged_task_func<std::__1::__bind<grk::T1DecompressScheduler::deco and std::__1::packaged_task<int).
‼ CVE-2021-45938 ‼
via "National Vulnerability Database".
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttClient_WaitType and MqttClient_Unsubscribe).
‼ CVE-2021-45939 ‼
via "National Vulnerability Database".
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttClient_WaitType and MqttClient_Subscribe).
‼ CVE-2021-45942 ‼
via "National Vulnerability Database".
OpenEXR 3.1.0 through 3.1.3 has a heap-based buffer overflow in Imf_3_1::LineCompositeTask::execute (called from IlmThread_3_1::NullThreadPoolProvider::addTask and IlmThread_3_1::ThreadPool::addGlobalTask).
‼ CVE-2021-45931 ‼
via "National Vulnerability Database".
HarfBuzz 2.9.0 has an out-of-bounds write in hb_bit_set_invertible_t::set (called from hb_sparseset_t<hb_bit_set_invertible_t>::set and hb_set_copy).
‼ CVE-2021-45941 ‼
via "National Vulnerability Database".
libbpf 0.6.0 and 0.6.1 has a heap-based buffer overflow (8 bytes) in __bpf_object__open (called from bpf_object__open_mem and bpf-object-fuzzer.c).
‼ CVE-2021-44717 ‼
via "National Vulnerability Database".
Go before 1.16.12 and 1.17.x before 1.17.5 on UNIX allows write operations to an unintended file or unintended network connection as a consequence of erroneous closing of file descriptor 0 after file-descriptor exhaustion.
‼ CVE-2021-41817 ‼
via "National Vulnerability Database".
Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. The fixed versions are 3.2.1, 3.1.2, 3.0.2, and 2.0.1.
‼ CVE-2021-45932 ‼
via "National Vulnerability Database".
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow (4 bytes) in MqttDecode_Publish (called from MqttClient_DecodePacket and MqttClient_HandlePacket).