The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function…

IBM Engineering Workflow Management 7.0, 7.0.1, and 7.0.2 and IBM Rational Team Concert 6.0.6 and 6.0.0.1 could allow an authenticated user to obtain sensitive information…

Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository httpie/httpie prior to 3.1.0. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını…

Path traversal vulnerability in the file upload functionality in tinyfilemanager.php in Tiny File Manager Project’s Tiny File Manager 2.4.1 allows remote attackers with valid user…

Divide-by-zero in Clickhouse’s Delta compression codec when parsing a malicious query. The first byte of the compressed buffer is used in a modulo operation without…

Divide-by-zero in Clickhouse’s DeltaDouble compression codec when parsing a malicious query. The first byte of the compressed buffer is used in a modulo operation without…

Divide-by-zero in Clickhouse’s Gorilla compression codec when parsing a malicious query. The first byte of the compressed buffer is used in a modulo operation without…

Heap buffer overflow in Clickhouse’s LZ4 compression codec when parsing a malicious query. There is no verification that the copy operations in the LZ4::decompressImpl loop…

Heap buffer overflow in Clickhouse’s LZ4 compression codec when parsing a malicious query. There is no verification that the copy operations in the LZ4::decompressImpl loop…

Heap out-of-bounds read in Clickhouse’s LZ4 compression codec when parsing a malicious query. As part of the LZ4::decompressImpl() loop, a 16-bit unsigned user-supplied value (‘offset’)…