404 matches found
CVE-2023-45924
libglxproto.c in OpenGL libglvnd bb06db5a was discovered to contain a segmentation violation via the function glXGetDrawableScreen. NOTE: this is disputed because there are no common situations in which users require uninterrupted operation with an attacker-controller server...
CVE-2023-45919
Mesa 23.0.4 was discovered to contain a buffer over-read in glXQueryServerString. NOTE: this is disputed because there are no common situations in which users require uninterrupted operation with an attacker-controller server...
UBUNTU-CVE-2023-45925
DISPUTED GNU Midnight Commander 4.8.29-146-g299d9a2fb was discovered to contain a NULL pointer dereference via the function xerrorhandler at tty/x11conn.c. NOTE: this is disputed because it should be categorized as a usability problem an X operation silently fails...
UBUNTU-CVE-2023-46048
DISPUTED Tex Live 944e257 has a NULL pointer dereference in texk/web2c/pdftexdir/writet1.c. NOTE: this is disputed because it should be categorized as a usability problem...
UBUNTU-CVE-2023-46046
DISPUTED An issue in MiniZinc before 2.8.0 allows a NULL pointer dereference via tiexpr in a crafted .mzn file. NOTE: this is disputed because there is no common libminizinc use case in which an unattended process is supposed to run forever to process a series of atttacker-controlled .mzn files...
CVE-2023-45931
Mesa 23.0.4 was discovered to contain a NULL pointer dereference in checkxshm for the haserror state. NOTE: this is disputed because there is no scenario in which the vulnerability was demonstrated...
DEBIAN-CVE-2023-45931
Mesa 23.0.4 was discovered to contain a NULL pointer dereference in checkxshm for the haserror state. NOTE: this is disputed because there is no scenario in which the vulnerability was demonstrated...
UBUNTU-CVE-2023-45931
DISPUTED Mesa 23.0.4 was discovered to contain a NULL pointer dereference in checkxshm for the haserror state. NOTE: this is disputed because there is no scenario in which the vulnerability was demonstrated...
CVE-2023-31854
std::badalloc is mishandled in Precomp 0.4.8. NOTE: this is disputed because it should be categorized as a usability problem...
CVE-2023-46052
Sane 1.2.1 heap bounds overwrite in initoptions from backend/test.c via a long initmode string in a configuration file. NOTE: this is disputed because there is no expectation that test.c code should be executed with an attacker-controlled configuration file...
CVE-2023-46052
Sane 1.2.1 heap bounds overwrite in initoptions from backend/test.c via a long initmode string in a configuration file. NOTE: this is disputed because there is no expectation that test.c code should be executed with an attacker-controlled configuration file...
CVE-2023-31854
CVE-2023-31854 concerns Precomp 0.4.8, where the program mishandles std::bad_alloc. The description notes that this is disputed and should be categorized as a usability problem, which is reflected across multiple sources (NVD/Red Hat/CVE listings). The connected documents confirm the affected com...
CVE-2023-45919
Mesa 23.0.4 was discovered to contain a buffer over-read in glXQueryServerString. NOTE: this is disputed because there are no common situations in which users require uninterrupted operation with an attacker-controller server...
CVE-2023-46049
CVE-2023-46049 describes a NULL pointer dereference in LLVM 15.0.0’s parseOneMetadata() when processing a crafted pdflatex.fmt (or possibly a crafted .o) fed to llvm-lto. The connected Nessus/OpenVAS advisories (TencentOS/Tencent Linux, EulerOS) explicitly cite this description block and note the...
CVE-2023-45913
Mesa v23.0.4 was discovered to contain a NULL pointer dereference via the function dri2GetGlxDrawableFromXDrawableId. This vulnerability is triggered when the X11 server sends an DRI2BufferSwapComplete event unexpectedly when the application is using DRI3. NOTE: this is disputed because there is ...
CVE-2023-45931
Mesa 23.0.4 was discovered to contain a NULL pointer dereference in checkxshm for the haserror state. NOTE: this is disputed because there is no scenario in which the vulnerability was demonstrated...
CVE-2023-45920
Xfig v3.2.8 contains a NULL pointer dereference in XGetWMHints(), CVE-2023-45920. Multiple connected advisories confirm the issue and note that its remediation has been released: Mageia (MGASA-2024-0125), SUSE (SUSE-SU-2024:1196-1), and OSV entries indicate fixes. Descriptions consistently state ...
CVE-2023-46047
An issue in Sane 1.2.1 allows a local attacker to execute arbitrary code via a crafted file to the saneiconfigureattach function. NOTE: this is disputed because there is no expectation that the product should be starting with an attacker-controlled configuration file...
CVE-2023-46052
Sane 1.2.1 heap bounds overwrite in initoptions from backend/test.c via a long initmode string in a configuration file. NOTE: this is disputed because there is no expectation that test.c code should be executed with an attacker-controlled configuration file...
UBUNTU-CVE-2024-24479
DISPUTED A Buffer Overflow in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the wsutil/tostr.c, and formatfractionalpartnsecs components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected...