Affected versions of aiohttp have a security vulnerability regarding the inconsistent interpretation of the HTTP protocol. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. This could lead to an out-of-bounds read. Santesoft Sante FFT Imaging lacks proper validation of user-supplied data when parsing DICOM files. This could allow an attacker to execute code in the context of the current process. We recommend upgrading past commit e6e43b8aa7cd3c3af686caf0c2e11819a886d705. Delta Electronics DIAScreen may write past the end of an allocated buffer while parsing a specially crafted input file. In case of an error in smb3_fs_context_parse_param, ctx->password was freed but the field was not set to NULL, which could lead to a double free. A use-after-free vulnerability in the Linux kernel's fs/smb/client component can be exploited to achieve local privilege escalation.