A vulnerability, which was classified as critical, was found in Grok up to 9.2.0. Affected is the function grk::FileFormatDecompress::apply_palette_clr. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
Grok up to 9.2.0 apply_palette_clr heap-based overflow
- Virtual Patching
- July 1, 2021
- 7:04 am
- Virtual Patching
- July 1, 2021
- 7:04 am
Common Vulnerabilityies and Exposures
Contact us to get started
CVE-2023-33595 : CPYTHON 3.12.0 ALPHA 7 /OBJECTS/UNICODEOBJECT.C ASCII_DECODE USE AFTER FREE
Description CPython v3.12.0 alpha 7 was discovered to contain a heap use-after-free via the function ascii_decode at /Objects/unicodeobject.c. References https://github.com/python/cpython/issues/103824
CVE-2023-33553 : PLANET WDRT-1800AX 1.01-CP2 COOKIE LOGINSTATUS IMPROPER AUTHENTICATION
Description An issue in Planet Technologies WDRT-1800AX v1.01-CP21 allows attackers to bypass authentication and escalate privileges to root via manipulation
CVE-2023-20887 : VMWARE ARIA OPERATIONS FOR NETWORKS 6.X COMMAND INJECTION
Description Aria Operations for Networks contains a command injection vulnerability. A malicious actor with network access to VMware Aria Operations