2075 matches found

Positive Technologies
added 2024/06/11 12:0 a.m. · 3 views

PT-2024-4792 · Siemens · Plm Xml Sdk +3

Name of the Vulnerable Software and Affected Versions: JT Open versions prior to V11.5; PLM XML SDK versions prior to V7.1.0.014; Teamcenter Visualization V14.2 versions prior to V14.2.0.13; Teamcenter Visualization V14.3 versions prior to V14.3.0.11; Teamcenter Visualization V2312 versions prior to...

4.8 CVSS · 7.1 AI score · 0.00159 EPSS
Exploits 0 · References 9

CNNVD
added 2024/06/06 12:0 a.m. · 2 views

IBM Engineering Requirements Management DOORS Next Code Issue Vulnerability

IBM Engineering Requirements Management DOORS Next is a scalable solution from International Business Machines (IBM). The solution helps you capture, track, analyze, and manage systems and advanced IT application development. A code issue vulnerability exists in IBM Engineering Requirements...

8.2 CVSS · 7 AI score · 0.00678 EPSS
Exploits 0 · References 3

RedHat Linux
added 2024/06/05 10:5 a.m. · 3 views

kernel: usb: xhci: Add error handling in xhci_map_urb_for_dma

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Add error handling in xhci_map_urb_for_dma. The Linux kernel CVE team has assigned CVE-2024-26964 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024050130-CVE-2024-26964-54c8@gregkh/T...

5.5 CVSS · 6.8 AI score · 0.00225 EPSS
Exploits 0 · References 5

SUSE CVE
added 2024/06/04 12:32 p.m. · 3 views

SUSE CVE-2023-28840

Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component dockerd, which is developed as moby/moby, is commonly referred to as Docker. Swarm Mode, which i...

7.5 CVSS · 7.5 AI score · 0.02733 EPSS
Exploits 1 · References 14

BDU FSTEC
added 2024/06/04 12:0 a.m. · 2 views

The vulnerability of the libexpat XML file analysis library lies in the improper restriction on recursive references to objects in DTDs, which allows attackers to trigger a service failure.

The vulnerability of the libexpat library for analyzing XML files is related to improper restrictions on recursive references to objects in DTDs. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.1 CVSS · 6.4 AI score · 0.00373 EPSS
Exploits 0 · References 9 · Affected Software 4

BDU FSTEC
added 2024/05/30 12:0 a.m. · 3 views

The vulnerability of the generic_ops_supported() function in the EFI (Extensible Firmware Interface) driver of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the generic_ops_supported function in the drivers/firmware/efi/efi.c module of the EFI driver for the Linux operating system is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5 CVSS · 6.7 AI score · 0.00225 EPSS
Exploits 0 · References 15 · Affected Software 3

CNNVD
added 2024/05/28 12:0 a.m. · 3 views

Huawei PC Manager Security Vulnerability

Huawei PC Manager is a computer management application from Huawei, China. An Access Control Error vulnerability exists in Huawei PC Manager, which stems from improper interface access control, and can be exploited by an attacker to launch a UEFI shell and cause a memory leak...

7.8 CVSS · 6.8 AI score · 0.00115 EPSS
Exploits 0 · References 2

SUSE CVE
added 2024/05/23 3:5 a.m. · 2 views

SUSE CVE-2021-47228

In the Linux kernel, the following vulnerability has been resolved: x86/ioremap: Map EFI-reserved memory as encrypted for SEV. Some drivers require memory that is marked as EFI boot services data. In order for this memory to not be re-used by the kernel after ExitBootServices, efi_mem_reserve is use...

4 CVSS · 6.4 AI score · 0.00237 EPSS
Exploits 0 · References 5

OSV
added 2024/05/21 7:15 p.m. · 4 views

CVE-2024-25724

In RTI Connext Professional 5.3.1 through 6.1.0 before 6.1.1, a buffer overflow in XML parsing from Routing Service, Recording Service, Queuing Service, and Cloud Discovery Service allows attackers to execute code with the affected service's privileges, compromise the service's integrity, leak...

7.3 CVSS · 6.2 AI score · 0.00183 EPSS
Exploits 0 · References 1

OSV
added 2024/05/21 3:15 p.m. · 0 views

UBUNTU-CVE-2021-47228

In the Linux kernel, the following vulnerability has been resolved: x86/ioremap: Map EFI-reserved memory as encrypted for SEV. Some drivers require memory that is marked as EFI boot services data. In order for this memory to not be re-used by the kernel after ExitBootServices, efi_mem_reserve is use...

6.2 CVSS · 6.2 AI score · 0.00237 EPSS
Exploits 0 · References 6

CNNVD
added 2024/05/21 12:0 a.m. · 2 views

ILIAS Security Vulnerability

ILIAS is an open source learning management system. A security vulnerability exists in ILIAS versions 7.20 through 7.30, 8.4 through 8.10, and 9.0, which stems from a stored cross-site scripting (XSS) vulnerability that allows remote, authenticated attackers to inject arbitrary web script or HTML...

4.3 CVSS · 5.3 AI score · 0.0053 EPSS
Exploits 0 · References 5

BDU FSTEC
added 2024/05/17 12:0 a.m. · 2 views

The vulnerability of UEFI (BIOS) firmware in Huawei personal computers allows a hacker to execute arbitrary code.

The vulnerability of UEFI BIOS in Huawei personal computers is related to insufficient checking of exception states. Exploiting this vulnerability could allow a hacker to execute arbitrary code...

7.8 CVSS · 5.8 AI score · 0.00129 EPSS
Exploits 0 · References 3 · Affected Software 1

BDU FSTEC
added 2024/05/17 12:0 a.m. · 4 views

The vulnerability of UEFI (BIOS) in Huawei personal computers allows a hacker to gain unauthorized access to arbitrary functions.

The vulnerability of UEFI BIOS in Huawei personal computers is related to improper control of access to the SMI handler interface. Exploiting this vulnerability can allow an attacker to gain unauthorized access to arbitrary functions...

7.8 CVSS · 5.6 AI score · 0.00115 EPSS
Exploits 0 · References 3 · Affected Software 1

CNNVD
added 2024/05/15 12:0 a.m. · 3 views

Insyde InsydeH2O Security Vulnerability

Insyde InsydeH2O is C source code from Insyde Corporation, Taiwan, that implements the "EFI/UEFI" specification, a newer technology designed to replace the traditional BIOS (Basic Input/Output System). A security vulnerability exists in Insyde InsydeH2O, which stems from a memory corruption vulnerability...

7.4 CVSS · 6.8 AI score · 0.0017 EPSS
Exploits 0 · References 3

OSV
added 2024/05/14 4:17 p.m. · 3 views

CVE-2024-34085

A vulnerability has been identified in JT2Go (All versions < V2312.0001), Teamcenter Visualization V14.1 (All versions < V14.1.0.13), Teamcenter Visualization V14.2 (All versions < V14.2.0.10), Teamcenter Visualization V14.3 (All versions < V14.3.0.7), Teamcenter Visualization V2312 (All versions < V2312.0001). The...

7.8 CVSS · 5.9 AI score · 0.00239 EPSS
Exploits 0 · References 1

CNNVD
added 2024/05/14 12:0 a.m. · 4 views

strongSwan Security Vulnerabilities

strongSwan is an open source IPsec-based VPN solution for use on Linux platforms by Andreas Steffen, an individual developer in Switzerland. The solution includes authentication mechanisms such as X.509 public key certificates, secure storage of private keys, and smart cards. A security...

7.7 CVSS · 6.9 AI score · 0.00464 EPSS
Exploits 0 · References 6

OSV
added 2024/05/03 3:16 a.m. · 4 views

CVE-2023-51601

Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Honeywell Saia PG5 Controls Suite. User interaction is required to exploit this...

6.5 CVSS · 5.6 AI score · 0.00784 EPSS
Exploits 0 · References 1

ATTACKERKB
added 2024/05/03 3:15 a.m. · 2 views

CVE-2023-42035

Visualware MyConnection Server doIForward XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Visualware MyConnection Server. Authentication is not required to exploit this...

6.5 CVSS · 5.7 AI score · 0.01155 EPSS
Exploits 0 · References 3 · Affected Software 1

ATTACKERKB
added 2024/05/03 3:15 a.m. · 1 view

CVE-2023-41205

D-Link DAP-1325 SetAPLanSettings SubnetMask Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this...

8.8 CVSS · 6.3 AI score · 0.00855 EPSS
Exploits 0 · References 3 · Affected Software 1

OSV
added 2024/05/03 2:15 a.m. · 3 views

CVE-2023-27328

Parallels Desktop Toolgate XML Injection Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target guest system i...

7.8 CVSS · 6.2 AI score · 0.00321 EPSS
Exploits 0 · References 2