CVE-2024-23131
A maliciously crafted STP file, when parsed in ASMIMPORT229A.dll, ASMKERN228A.dll, ASMkern229A.dll or ASMDATAX228A.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to...
[SECURITY] Fedora 38 Update: rust-cargo-c-0.9.28-4.fc38
Helper program to build and install c-like libraries...
PT-2024-1947 · Delta Electronics · Cncsoft-B Dopsoft
Name of the Vulnerable Software and Affected Versions: Delta Electronics CNCSoft-B DOPSoft versions prior to 4.0.0.82 Description: The issue is related to the insecure loading of libraries, which may allow an attacker to use DLL hijacking and take over the system where the software is installed...
The vulnerability of the toolset and development libraries of the Intel SDK for OpenCL Applications lies in the uncontrolled search path element, which allows attackers to escalate their privileges.
The vulnerability in the toolset and development libraries of the Intel SDK for OpenCL Applications is related to an uncontrolled search path element. Exploiting this vulnerability can allow attackers to escalate their privileges...
PT-2024-8051 · Autodesk · Autodesk Autocad
Name of the Vulnerable Software and Affected Versions: Autodesk AutoCAD affected versions not specified Description: The issue is related to a use-after-free vulnerability in the atf_dwg_consumer.dll, rose_x64_vc15.dll, and libodxdll libraries of Autodesk AutoCAD. This vulnerability can be...
[SECURITY] Fedora 39 Update: rust-cargo-c-0.9.28-4.fc39
Helper program to build and install c-like libraries...
Fedora: Security Advisory for rust-cargo-c (FEDORA-2024-8ba389815f)
The remote host is missing an update for the...
Ivanti Pulse Secure Found Using 11-Year-Old Linux Version and Outdated Libraries
A reverse engineering of the firmware running on Ivanti Pulse Secure appliances has revealed numerous weaknesses, once again underscoring the challenge of securing software supply chains. Eclypsium, which acquired firmware version 9.1.18.2-24467.1 as part of the process, said the base operating...
Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition for IBM Content Collector for SAP Applications
Summary: Multiple Vulnerabilities were disclosed as part of the Oracle July 2023 Critical Patch Update. Vulnerability Details: CVEID: CVE-2023-22045 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to cause low confidentiality impacts. CV...
Description of Security Update 12 for Exchange Server 2016: March 12, 2024 (KB5036386)
Description of Security Update 12 for Exchange Server 2016: March 12, 2024 (KB5036386) This security update rollup resolves vulnerabilities in Microsoft Exchange Server. To learn more about these vulnerabilities, see the following Common Vulnerabilities and Exposures (CVE) and security advisory:...
Moderate: Red Hat Security Advisory: nss security update
An update for nss is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
Moderate: Red Hat Security Advisory: nss security update
An update for nss is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
ALSA-2024:0786 Moderate: nss security update
Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fixes: nss: vulnerable to Minerva side-channel information leak (CVE-2023-6135) For more details about the security issues, including t...
CVE-2023-50292
Incorrect Permission Assignment for Critical Resource, Improper Control of Dynamically-Managed Code Resources vulnerability in Apache Solr. This issue affects Apache Solr: from 8.10.0 through 8.11.2, from 9.0.0 before 9.3.0. The Schema Designer was introduced to allow users to more easily configu...
DEBIAN-CVE-2023-50292
Incorrect Permission Assignment for Critical Resource, Improper Control of Dynamically-Managed Code Resources vulnerability in Apache Solr. This issue affects Apache Solr: from 8.10.0 through 8.11.2, from 9.0.0 before 9.3.0. The Schema Designer was introduced to allow users to more easily configu...
Design/Logic Flaw
Incorrect Permission Assignment for Critical Resource, Improper Control of Dynamically-Managed Code Resources vulnerability in Apache Solr. This issue affects Apache Solr: from 8.10.0 through 8.11.2, from 9.0.0 before 9.3.0. The Schema Designer was introduced to allow users to more easily configu...
UBUNTU-CVE-2023-50292
Incorrect Permission Assignment for Critical Resource, Improper Control of Dynamically-Managed Code Resources vulnerability in Apache Solr. This issue affects Apache Solr: from 8.10.0 through 8.11.2, from 9.0.0 before 9.3.0. The Schema Designer was introduced to allow users to more easily configu...
GHSA-X5J2-G63M-F8G4 pqc_kyber KyberSlash: division timings depending on secrets
Various Kyber software libraries in various environments leak secret information into timing, specifically because these libraries include a line of code that divides a secret numerator by a public denominator, the number of CPU cycles for division in various environments varies depending on the...
PT-2024-14528 · Allegra · Allegra
Name of the Vulnerable Software and Affected Versions: Allegra affected versions not specified Description: This issue allows remote attackers to disclose sensitive information on affected installations of Allegra. Authentication is not required to exploit this issue. The specific flaw exists...
[SECURITY] Fedora 39 Update: kernel-headers-6.7.3-200.fc39
Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package...