23182 matches found
Adobe Acrobat Reader Code Issue Vulnerability
Adobe Acrobat Reader is a PDF viewer from the American company Adobe. The software is used to print, sign and annotate PDFs. Adobe Acrobat Reader has a security vulnerability that can be exploited by an attacker to cause a denial of service...
PT-2024-10222 · Document Foundation +5 · Libreoffice +5
Name of the Vulnerable Software and Affected Versions: LibreOffice versions 24.8 through 24.8.3
Description: The issue is related to an improper limitation of a pathname to a restricted directory, allowing absolute path traversal. An attacker can write to arbitrary locations, albeit suffixed with...
Autodesk FBX-SDK Buffer Error Vulnerability
Autodesk FBX-SDK is a C++ software development platform and API toolkit from Autodesk, Inc. that is primarily used to convert existing content to FBX format. A security vulnerability exists in Autodesk FBX-SDK that stems from a possible forced out-of-bounds write vulnerability when Autodesk FBX S...
CVE-2024-53589
A buffer overflow vulnerability exists in GNU Binutils’ objdump utility when processing tekhex format files. During format identification, the vulnerability occurs in the Binary File Descriptor (BFD) library’s tekhex parser. A specially crafted tekhex file, when processed by objdump, may trigger an...
CVE-2024-50402
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have already fixed the...
CVE-2024-50403
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have already fixed the...
CVE-2024-50403 QTS, QuTS hero
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have already fixed the...
CVE-2024-50402 QTS, QuTS hero
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have already fixed the...
AZL-54087 CVE-2024-53142 affecting package kernel for versions less than 5.15.176.3-1
In the Linux kernel, the following vulnerability has been resolved: initramfs: avoid filename buffer overrun The initramfs filename field is defined in Documentation/driver-api/early-userspace/buffer-format.rst as: 37 cpiofile := ALGN4 + cpioheader + filename + "\0" + ALGN4 + data ... 55...
QNAP Systems QTS and QuTS hero Format String Error Vulnerability
QNAP Systems QTS and QNAP Systems QuTS hero are both products of China Weilian Technology QNAP Systems. QNAP Systems QTS is an entry operating system. QNAP Systems QuTS hero is an operating system. QNAP Systems QTS and QuTS hero have a format string error vulnerability that stems from a format stri...
PT-2024-10311 · Qnap · Qnap Qts +1
Name of the Vulnerable Software and Affected Versions: QNAP QTS versions prior to 5.2.2.2950 build 20241114; QNAP QuTS hero versions prior to 5.2.2.2952 build 20241116
Description: A use of externally-controlled format string issue has been reported to affect several QNAP operating system versions...
CVE-2024-53589
GNU objdump 2.43 is vulnerable to Buffer Overflow in the BFD (Binary File Descriptor) library's handling of tekhex format files...
UBUNTU-CVE-2024-53589
GNU objdump 2.43 is vulnerable to Buffer Overflow in the BFD (Binary File Descriptor) library's handling of tekhex format files...
CLSA-2024-1733420952 cups: Fix of CVE-2023-32324
CVE-2023-32324: Fix heap buffer overflow vulnerability in formatlogline function...
CVE-2024-54001
CVE-2024-54001 affects Kanboard: HTML can be injected via settings fields application_language, application_date_format, application_timezone, and application_time_format, reflected to users and potentially executed as XSS if input contains JavaScript that bypasses CSP. Root cause is unescaped us...
CVE-2024-53589
CVE-2024-53589 affects GNU objdump 2.43 (part of the GNU binutils suite). The vulnerability is a Buffer Overflow in the BFD library when processing tekhex format files. Reports indicate a high-severity issue (CVSS v3.1: AV=L, AC=L, PR=N, UI=N, S=U, C=H, I=H, A=H) with local attack vector and no u...