CVE-2024-23907

Uncontrolled search path in some IntelR High Level Synthesis Compiler software before version 23.4 may allow an authenticated user to potentially enable escalation of privilege via local access...

[SECURITY] Fedora 39 Update: pypy-7.3.16-2.fc39

PyPy's implementation of Python, featuring a Just-In-Time compiler on some CPU architectures, and various optimized implementations of the standard types strings, dictionaries, etc This build of PyPy has JIT-compilation enabled...

Fedora: Security Advisory (FEDORA-2024-c5152808e4)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Intel® High Level Synthesis Compiler Software Advisory

Summary: A potential security vulnerability in some Intel® High Level Synthesis Compiler software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2024-23907 Description: Uncontrolled search path in...

Security Bulletin: IBM Cloud Pak for Data is vulnerable to several issues due to the go compiler

Summary Golang compiler is used by IBM Cloud Pak for Data to build various binaries. CVE-2023-27561, CVE-2023-28642, CVE-2023-25809, CVE-2022-32149, CVE-2022-41723, CVE-2022-41721, CVE-2022-27664, CVE-2022-29162, CVE-2021-43784, CVE-2023-2517 Vulnerability Details CVEID:CVE-2023-27561 DESCRIPTION...

[SECURITY] Fedora 40 Update: mingw-qt6-qtbase-6.7.2-3.fc40

This package contains the Qt software toolkit for developing cross-platform applications. This is the 32-bit Windows version of Qt, for use in conjunction with the Fedora Windows cross-compiler...

[SECURITY] Fedora 40 Update: mingw-qt5-qtbase-5.15.14-4.fc40

This package contains the Qt software toolkit for developing cross-platform applications. This is the Windows version of Qt, for use in conjunction with the Fedora Windows cross-compiler...

SUSE CVE-2024-42161

In the Linux kernel, the following vulnerability has been resolved: bpf: Avoid uninitialized value in BPFCOREREADBITFIELD Changes from V1: - Use a default branch in the switch statement to initialize val'. GCC warns that val' may be used uninitialized in the BPFCREREADBITFIELD macro, defined in...

Security Bulletin: Vulnerability in Go affect Cloud Pak System [CVE-2023-39323]

Summary Vulnerability in Golang Go affect Cloud Pak System. Vulnerability Details CVEID:CVE-2023-39323 DESCRIPTION: Golang Go could allow a remote attacker to execute arbitrary code on the system, caused by improper enforcement of line directive restrictions in the "//go:cgo" directives. By...

SUSE SLES12 Security Update : orc (SUSE-SU-2024:2643-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2643-1 advisory. - CVE-2024-40897: Fixed stack-based buffer overflow in the orc compiler when formatting error messages for certain input files bsc1228184...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : orc (SUSE-SU-2024:2663-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2663-1 advisory. - CVE-2024-40897: Fixed stack-based buffer overflow in the orc compiler when formatting error messages fo...

SUSE-SU-2024:2663-1 Security update for orc

This update for orc fixes the following issues: - CVE-2024-40897: Fixed stack-based buffer overflow in the orc compiler when formatting error messages for certain input files bsc1228184...

Security Bulletin: IBM Cloud Pak for Data is vulnerable to golang compiler ( CVE-2022-32190 )

Summary Golang compiler is used by IBM Cloud Pak for Data to build various binaries. CVE-2022-32190 Vulnerability Details CVEID:CVE-2022-32190 DESCRIPTION: Golang Go could allow a remote attacker to traverse directories on the system, caused by not remove ../ path elements appended to a relative...

CVE-2024-40897

Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked to process a specially crafted file with the affected ORC compiler, an arbitrary code may be executed on the developer's build environment. This may lead to compromise of...

CVE-2024-40897

Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked to process a specially crafted file with the affected ORC compiler, an arbitrary code may be executed on the developer's build environment. This may lead to compromise of...

CVE-2024-40897

Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked to process a specially crafted file with the affected ORC compiler, an arbitrary code may be executed on the developer's build environment. This may lead to compromise of...

CVE-2024-40897

Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked to process a specially crafted file with the affected ORC compiler, an arbitrary code may be executed on the developer's build environment. This may lead to compromise of...

CVE-2024-40897

Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked to process a specially crafted file with the affected ORC compiler, an arbitrary code may be executed on the developer's build environment. This may lead to compromise of...

CVE-2024-40897

CVE-2024-40897 concerns the ORC library. A stack-based buffer overflow in orcparse.c affects ORC versions prior to 0.4.39, which could allow arbitrary code execution in a developer build environment when processing crafted files. The vulnerability primarily impacts developers and CI environments ...

CVE-2024-40897

Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked to process a specially crafted file with the affected ORC compiler, an arbitrary code may be executed on the developer's build environment. This may lead to compromise of...