Fedora: Security Advisory for python-pydantic (FEDORA-2024-fc5dc50bb6)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Advisory (SUSE-SU-2024:1635-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-5247

CVE-2024-5247 affects NETGEAR ProSAFE Network Management System. The UpLoadServlet unsafely handles user-supplied data, allowing unrestricted file uploads that can lead to remote code execution with SYSTEM privileges. Authentication is required to exploit, and multiple sources (ZDI advisories, NV...

Adobe Acrobat Reader DC JPEG2000 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

ROS-20240522-05

A vulnerability in the Hotspot component of Java SE software platforms, Oracle GraalVM Enterprise Virtual Machine Edition is related to insufficient input data validation. Exploitation of the vulnerability could allow A remote attacker to create, delete, or modify access to data Vulnerability in...

CVE-2021-47309

In the Linux kernel, the following vulnerability has been resolved: net: validate lwtstate-data before returning from skbtunnelinfo skbtunnelinfo returns pointer of lwtstate-data as iptunnelinfo type without validation. lwtstate-data can have various types such as mplsiptunnelencap, etc and these...

CVE-2021-47309

CVE-2021-47309 affects the Linux kernel's net/tunnel code: skb_tunnel_info() may return a pointer to lwtstate->data without validating its type, risking out-of-bounds reads such as during VXLAN routing. Connected advisories (SUSE-SU-2024:2561-1 and related OSV/Nessus entries) confirm the fix i...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a data validation problem in the ext4 module...

PT-2024-6480 · Google · Google Chrome

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 128.0.6537.0 Description: The issue is related to insufficient data validation in the Updater component of Google Chrome, allowing a remote attacker to perform privilege escalation via a malicious file...

Cross-Site Scripting

Cacti is vulnerable to Cross-site scripting. The vulnerability is due to insufficient data validation in the formsave function in dataqueries.php, which is used to concatenate the HTML statement in the growrightpanetree function from html.php...

Adobe Acrobat Reader DC PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

Adobe Acrobat Reader DC PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a data validation issue with netfilter...

Siemens Simcenter Femap IGS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Simcenter Femap. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

Siemens Simcenter Femap IGS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Simcenter Femap. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

Siemens Simcenter Femap IGS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Simcenter Femap. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

The vulnerability of the can_map_frag() function in the net/ipv4/tcp.c module of the Linux operating system’s IPv4 protocol implementation allows a attacker to cause a service failure.

The vulnerability of the canmapfrag function in the net/ipv4/tcp.c module of the Linux operating system’s IPv4 protocol implementation is related to the lack of necessary data validation checks. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...

DEBIAN-CVE-2024-31443

Cacti provides an operational monitoring and fault management framework. Prior to 1.2.27, some of the data stored in formsave function in dataqueries.php is not thoroughly checked and is used to concatenate the HTML statement in growrightpanetree function from lib/html.php , finally resulting in...

SUSE-SU-2024:1635-2 Security update for tpm2-0-tss

This update for tpm2-0-tss fixes the following issues: - CVE-2024-29040: Fixed quote data validation by FapiVerifyQuote bsc1223690...

SUSE-SU-2024:1635-1 Security update for tpm2-0-tss

This update for tpm2-0-tss fixes the following issues: - CVE-2024-29040: Fixed quote data validation by FapiVerifyQuote bsc1223690...