PT-2024-18181 · Bl2 · Bl2

Name of the Vulnerable Software and Affected Versions: Bootloader versions c2f286820471ed276c57e603762bd831873e5a17 and later Description: The issue occurs during the secure boot process, where the second stage of the bootloader, bl2, loops over images defined in the table "bl2 mem params descs"...

nodejs: Remotely trigger an assertion on a TLS server with a malformed certificate string

An encoding error flaw exists in the Node.js code that is used to read a peer certificate in the TLS client authentication. An attacker can use this flaw to crash the process used to handle TLS client authentication...

The vulnerabilities of Mozilla Firefox, Firefox ESR, and the email client Thunderbird are caused by an operation that goes beyond the buffer boundaries in memory, allowing an attacker to trigger a service failure.

The vulnerabilities of Mozilla Firefox, Firefox ESR, and the email client Thunderbird arise from an operation that goes beyond the buffer boundaries in memory when reading certificates from the disk. Exploiting these vulnerabilities can allow a malicious actor to cause service failures using...