Sonos Security Breach
Sonos is an ultimate wireless home audio system from Sonos Inc. in the United States. A security vulnerability exists in the Sonos Era 100 that stems from a lack of proper validation of user-supplied data, resulting in an integer underflow before reading from memory...
Sonos Security Breach
Sonos is an ultimate wireless home audio system from the US company Sonos. A security vulnerability exists in the Sonos Era 100 that stems from a lack of proper validation of user-supplied data, which could result in writes beyond the end of the allocation buffer...
Apple macOS CoreGraphics Image Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the CoreGraphi...
Kofax Power PDF Security Vulnerability
Kofax Power PDF is a professional PDF editing and management software from Kofax. A security vulnerability exists in Kofax Power PDF that stems from a lack of proper validation of user-supplied data, resulting in writes beyond the end of the allocated buffer...
Kofax Power PDF Security Vulnerability
Kofax Power PDF is a professional PDF editing and management software from Kofax. A security vulnerability exists in Kofax Power PDF that stems from a lack of proper validation of user-supplied data, resulting in memory corruption...
Sonos Security Breach
Sonos is an ultimate wireless home audio system from the US company Sonos. A security vulnerability exists in the Sonos Era 100 that stems from a lack of proper validation of user-supplied data, which could result in a read beyond the end of the allocated buffer...
kernel: i2c: validate user data in compat ioctl
In the Linux kernel, the following vulnerability has been resolved: i2c: validate user data in compat ioctl Wrong user data may cause warning in i2c_transfer, ex: zero msgs. Userspace should not be able to trigger warnings, so this patch adds validation checks for user data in compact ioctl to...
RHEL 6 : chromium-browser (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - chromium-browser: Heap buffer overflow in clipboard CVE-2020-16025 - chromium-browser: Insufficient data...
RHEL 7 : unbound (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - unbound: command injection with data coming from a specially crafted IPSECKEY answer CVE-2019-18934 - A...
[SECURITY] Fedora 39 Update: rust-rpki-0.18.1-2.fc39
A library for validating and creating RPKI data...
SUSE-SU-2024:1886-1 Security update for gstreamer-plugins-base
This update for gstreamer-plugins-base fixes the following issues: - CVE-2024-4453: Fixed lack of proper validation of user-supplied data when parsing EXIF metadata bsc1224806...
SUSE-SU-2024:1882-1 Security update for gstreamer-plugins-base
This update for gstreamer-plugins-base fixes the following issues: - CVE-2024-4453: Fixed lack of proper validation of user-supplied data when parsing EXIF metadata bsc1224806...
Kofax Power PDF TGA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TGA...
Kofax Power PDF JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2...
Kofax Power PDF JP2 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2...
Kofax Power PDF JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...
Vulnerability of the search_by_entry_key function (fs/reiserfs/namei.c) in the Linux operating system, allowing a local attacker to execute arbitrary code
The vulnerability of the search_by_entry_key function in the reiserfs file system of the Linux operating system is related to insufficient data validation during searches after mounting a faulty file system. This can lead to access to arbitrary memory. Exploiting this vulnerability allows an attacke...
The vulnerability of the tipc_udp_nl_dump_remoteip() function in the implementation of the TIPC protocol allows an attacker to gain access to protected data or cause a service failure.
The vulnerability of the tipc_udp_nl_dump_remoteip function in the net/tipc/udp_media.c module of the TIPC (Transparent Inter-Process Communication) protocol implementation in the Linux operating system is related to incorrect validation of the received data. Exploiting this vulnerability may allow an...
Microchip MPLAB Security Vulnerability
Microchip MPLAB Net is an integrated development environment from Microchip Corporation. A security vulnerability exists in Microchip MPLAB that stems from the presence of a data validation issue...