
7483 matches found

CVE
added 2024/12/13 10:21 a.m. · 49 views

CVE-2024-52064

The CVE-2024-52064 issue affects RTI Connext Professional (Core Libraries) and is due to a Buffer Copy without Checking Size of Input. Affected: Connext Professional versions 7.0.0–7.3.0.2 (before 7.3.0.2), 6.1.0–6.1.2.21, 6.0.0–6.0.1.40, and 5.0.0–5.3.1.45. Impact described as potential overflow...

7.1 CVSS · 6.7 AI score · 0.00151 EPSS
Exploits 0 · References 1 · Affected Software 1

Cvelist
added 2024/12/13 10:21 a.m. · 24 views

CVE-2024-52064 Potential stack buffer write overflow in Connext applications while parsing malicious license file

Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in RTI Connext Professional Core Libraries allows Overflow Variables and Tags. This issue affects Connext Professional: from 7.0.0 before 7.3.0.2, from 6.1.0 before 6.1.2.21, from 6.0.0 before 6.0.1.40, from 5.0.0...

6.9 CVSS · 0.00151 EPSS
Exploits 0 · References 1

CVE
added 2024/12/13 10:21 a.m. · 47 views

CVE-2024-52063

CVE-2024-52063 is a buffer overflow in RTI Connext Pro (Core Libraries, Routing Service). Affects Connext Professional versions: 5.0.0–5.3.1.45, 6.0.0–6.0.1.40, 6.1.0–6.1.2.21, 7.0.0–7.3.0.4x (pre-7.3.0.5). The flaw is a Buffer Copy without Checking Size of Input while parsing XML types, enabling...

8.6 CVSS · 6.7 AI score · 0.00323 EPSS
Exploits 0 · References 1 · Affected Software 1

Vulnrichment
added 2024/12/13 10:21 a.m. · 8 views

CVE-2024-52063 Potential stack buffer write overflow in Connext applications while parsing malicious XML types document

Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in RTI Connext Professional Core Libraries, Routing Service allows Overflow Variables and Tags. This issue affects Connext Professional: from 7.0.0 before 7.3.0.5, from 6.1.0 before 6.1.2.21, from 6.0.0 before...

8.3 CVSS · 7 AI score · 0.00323 EPSS
Exploits 0 · References 1

Vulnrichment
added 2024/12/13 10:20 a.m. · 9 views

CVE-2024-52062 Potential stack buffer write overflow in Connext applications while parsing malicious XML types document

Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in RTI Connext Professional Core Libraries allows Overflow Variables and Tags. This issue affects Connext Professional: from 7.0.0 before 7.3.0.5, from 6.1.0 before 6.1.2.21, from 6.0.0 before 6.0.1.40, from 5.0.0...

6.9 CVSS · 6.7 AI score · 0.00165 EPSS
Exploits 0 · References 1

Cvelist
added 2024/12/13 10:20 a.m. · 20 views

CVE-2024-52062 Potential stack buffer write overflow in Connext applications while parsing malicious XML types document

Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in RTI Connext Professional Core Libraries allows Overflow Variables and Tags. This issue affects Connext Professional: from 7.0.0 before 7.3.0.5, from 6.1.0 before 6.1.2.21, from 6.0.0 before 6.0.1.40, from 5.0.0...

6.9 CVSS · 0.00165 EPSS
Exploits 0 · References 1

Vulnrichment
added 2024/12/13 10:20 a.m. · 7 views

CVE-2024-52061 Potential stack buffer overflow when parsing an XML type

Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in RTI Connext Professional Core Libraries, Queuing Service, Recording Service, Routing Service allows Overflow Variables and Tags. This issue affects Connext Professional: from 7.4.0 before 7.5.0, from 7.0.0 before...

8.3 CVSS · 6.7 AI score · 0.0044 EPSS
Exploits 0 · References 1

Cvelist
added 2024/12/13 10:20 a.m. · 22 views

CVE-2024-52061 Potential stack buffer overflow when parsing an XML type

Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in RTI Connext Professional Core Libraries, Queuing Service, Recording Service, Routing Service allows Overflow Variables and Tags. This issue affects Connext Professional: from 7.4.0 before 7.5.0, from 7.0.0 before...

8.3 CVSS · 0.0044 EPSS
Exploits 0 · References 1

Positive Technologies
added 2024/12/13 12:0 a.m. · 6 views

PT-2024-35112 · Real Time Innovations · Rti Connext Professional

Name of the Vulnerable Software and Affected Versions: RTI Connext Professional versions 5.0.0 through 5.3.1.45; RTI Connext Professional versions 6.0.0 through 6.0.1.40; RTI Connext Professional versions 6.1.0 through 6.1.2.21; RTI Connext Professional versions 7.0.0 through 7.3.0.5; RTI Connext...

8.3 CVSS · 7.7 AI score · 0.0044 EPSS
Exploits 0 · References 7

Fedora
added 2024/12/12 2:30 a.m. · 13 views

[SECURITY] Fedora 40 Update: python3.11-3.11.11-1.fc40

Python 3.11 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.11 package provides the "python3.11" executable:...

7.8 CVSS · 7.4 AI score · 0.00647 EPSS
Exploits 0

Cvelist
added 2024/12/11 6:55 p.m. · 31 views

CVE-2024-45337 Misuse of connection.serverAuthenticate may cause authorization bypass in golang.org/x/crypto

Applications and libraries which misuse connection.serverAuthenticate via callback field ServerConfig.PublicKeyCallback may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that the key offered is...

0.03092 EPSS
Exploits 2 · References 5

Debian CVE
added 2024/12/11 6:55 p.m. · 6 views

CVE-2024-45337

Applications and libraries which misuse connection.serverAuthenticate via callback field ServerConfig.PublicKeyCallback may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that the key offered is...

9.1 CVSS · 7.2 AI score · 0.03092 EPSS
Exploits 2

vulnersOsv
added 2024/12/11 6:30 p.m. · 5 views

be.objectify:objectify-struts2-tags (=1.0), br.net.woodstock.rockframework:rockframework-struts2 (>=2.0.0 <=2.0.8) +330 more potentially affected by CVE-2024-53677 via org.apache.struts:struts2-core (>=2.0.5 <=6.3.0.2)

org.apache.struts:struts2-core MAVEN version =2.0.5, =2.0.0, =1.2.1, =1.5.3, =1.5.3, =1.2.2, =1.2.2, =1.2.2, =1.2.2, =1.9, =1.2, =1.0, =1.0, =1.0.4 and more Source cves: CVE-2024-53677 Source advisory: OSV:GHSA-43MQ-6XMG-29VM...

9.8 CVSS · 8.1 AI score · 0.78198 EPSS
Exploits 15

Fedora
added 2024/12/11 2:25 a.m. · 23 views

[SECURITY] Fedora 40 Update: python3.14-3.14.0~a2-2.fc40

Python 3.14 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.14 package provides the "python3.14" executable:...

8.7 CVSS · 7 AI score · 0.01844 EPSS
Exploits 0

BDU FSTEC
added 2024/12/11 12:0 a.m. · 3 views

The vulnerability of the software for managing systems in the One-to-one Dell EMC OpenManage Server Administrator (OMSA) environment lies in insufficient validation of input data. This allows a malicious actor to trigger a service failure.

The vulnerability of the software for managing systems in the One-to-one Dell EMC OpenManage Server Administrator OMSA mode is related to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to trigger a service failure by loading malicious plugins or...

5.5 CVSS · 5.5 AI score · 0.00343 EPSS
Exploits 0 · References 3 · Affected Software 1

Gentoo Linux
added 2024/12/11 12:0 a.m. · 14 views

OpenSC: Multiple Vulnerabilities

Background: OpenSC contains tools and libraries for smart cards. Description: Multiple vulnerabilities have been discovered in OpenSC. Please review the CVE identifiers referenced below for details. Impact: Please review the referenced CVE identifiers for details. Workaround: There is no known...

7.1 CVSS · 7.7 AI score · 0.01174 EPSS
Exploits 0

Oracle linux
added 2024/12/11 12:0 a.m. · 259 views

php:8.2 security update

libzip php 8.2.25-1 - rebase to 8.2.25 RHEL-66166 php-pear php-pecl-apcu php-pecl-rrd php-pecl-xdebug3 php-pecl-zip...

7.5 CVSS · 7.3 AI score · 0.3786 EPSS
Exploits 5

Fedora
added 2024/12/10 1:24 a.m. · 16 views

[SECURITY] Fedora 41 Update: python3.12-3.12.8-2.fc41

Python 3.12 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.12 package provides the "python3.12" executable:...

8.7 CVSS · 7.4 AI score · 0.01844 EPSS
Exploits 0

vulnersOsv
added 2024/12/09 12:0 p.m. · 6 views

BiliupApi (>=0.1.0 <=0.1.7), BrewStillery (>=6.0.1 <=6.0.2) +6288 more potentially affected by CVE-2024-12224 via idna (>=0.1.5 <=0.5.0)

idna CARGO version =0.1.5, =0.1.0, =6.0.1, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.3.3, =0.3.2, =1.0.3, =0.1.0, =0.1.0, =0.1.1, =0.1.8 and more Source cves: CVE-2024-12224 Source advisory: OSV:RUSTSEC-2024-0421...

8.8 CVSS · 5.4 AI score · 0.00194 EPSS
Exploits 1

Fedora
added 2024/12/08 2:46 a.m. · 15 views

[SECURITY] Fedora 41 Update: python3.11-3.11.11-1.fc41

Python 3.11 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.11 package provides the "python3.11" executable:...

7.8 CVSS · 7.4 AI score · 0.00647 EPSS
Exploits 0