memory corruption

Critical SOCKS5 Vulnerability in cURL Puts Enterprise Systems at Risk

by

October 11, 2023 at 12:06PM Patches have been released for a critical memory corruption vulnerability in the cURL data transfer project. The flaw, tracked as CVE-2023-38545, affects the SOCKS5 proxy handshake process in cURL, allowing remote exploitation in certain configurations. The bug can lead to heap buffer overflow, and affected versions are 7.69.0 to 8.3.0. … Read more

October 10, 2023 at 03:06AM – libcue Library Flaw Opens GNOME Linux Systems Vulnerable to RCE Attacks

by

October 10, 2023 at 03:06AM A security flaw in the libcue library affects GNOME Linux systems, allowing remote code execution (RCE) when a user downloads a malicious .cue file. The vulnerability (CVE-2023-43641) is caused by memory corruption in libcue versions 2.2.1 and earlier. Detailed technical information has been withheld to give users time to update. … Read more