799 matches found
Ubuntu: Security Advisory (USN-7208-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS : Apache Commons BCEL vulnerability (USN-7208-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-7208-1 advisory. Felix Wilhelm discovered that Apache Commons BCEL APIs incorrectly handled parameters due to a memory issue. An attacker...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS : GIMP DDS Plugin vulnerabilities (USN-7209-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-7209-1 advisory. Jacob Boerema discovered that the GIMP DDS Plugin incorrectly processed DDS files due to a memory issue. An attacker could...
USN-7209-1 gimp-dds vulnerabilities
Jacob Boerema discovered that the GIMP DDS Plugin incorrectly processed DDS files due to a memory issue. An attacker could exploit this through a specifically crafted DDS file to cause GIMP to crash, resulting in a denial of service, or possibly execute arbitrary code...
USN-7209-1: GIMP DDS Plugin vulnerabilities
Jacob Boerema discovered that the GIMP DDS Plugin incorrectly processed DDS files due to a memory issue. An attacker could exploit this through a specifically crafted DDS file to cause GIMP to crash, resulting in a denial of service, or possibly execute arbitrary code...
USN-7208-1: Apache Commons BCEL vulnerability
Felix Wilhelm discovered that Apache Commons BCEL APIs incorrectly handled parameters due to a memory issue. An attacker supplying malicious input could exploit this to generate and execute arbitrary bytecode...
USN-7203-1 pdns, pdns-recursor vulnerabilities
Wei Hao discovered that PowerDNS Authoritative Server incorrectly handled memory when accessing certain files. An attacker could possibly use this issue to achieve arbitrary code execution. CVE-2018-1046 It was discovered that PowerDNS Authoritative Server and PowerDNS Recursor incorrectly handle...
CVE-2024-46896 drm/amdgpu: don't access invalid sched
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: don't access invalid sched Since 2320c9e6a768 "drm/sched: memset 'job' in drmschedjobinit" accessing job-base.sched can produce unexpected results as the initialisation of job-base.sched done in amdgpujoballoc is...
PT-2025-1006 · Mozilla +10 · Thunderbird +11
Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 134 Firefox ESR versions prior to 128.6 Firefox ESR versions prior to 115.19 Thunderbird versions prior to 134 Thunderbird versions prior to 128.6 Description: The issue is related to the use of memory after it has...
IBM MQ 9.3 < 9.3.0.26 LTS / 9.3 < 9.4 CD / 9.4 < 9.4.0.7 LTS (7178243)
The version of IBM MQ Server running on the remote host is affected by a vulnerability as referenced in the 7178243 advisory. - IBM MQ Appliance 9.3 LTS, 9.3 CD, and 9.4 LTS web console could allow an authenticated user to cause a denial-of-service when trace is enabled due to information being...
PT-2024-37023 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved. The issue is related to the drm/panel: himax-hx83102 component, where a check was added to prevent a NULL pointer dereference. Th...
CVE-2024-56652 drm/xe/reg_sr: Remove register pool
In the Linux kernel, the following vulnerability has been resolved: drm/xe/regsr: Remove register pool That pool implementation doesn't really work: if the krealloc happens to move the memory and return another address, the entries in the xarray become invalid, leading to use-after-free later: BU...
IBM MQ Appliance Buffer Overflow Vulnerability (CNVD-2025-00311)
The IBM MQ Appliance is an all-in-one appliance for rapid deployment of enterprise-class messaging middleware from International Business Machines IBM. A buffer overflow vulnerability exists in IBM MQ Appliance versions 9.3 LTS, 9.3 CD, and 9.4 LTS, which originates when a message is written to...
Important: Red Hat Security Advisory: gstreamer1-plugins-base and gstreamer1-plugins-good security update
An update for gstreamer1-plugins-base and gstreamer1-plugins-good is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives...
BIT-NODE-MIN-2024-27983
An attacker can make the Node.js HTTP/2 server completely unavailable by sending a small amount of HTTP/2 frames packets with a few HTTP/2 frames inside. It is possible to leave some data in nghttp2 memory after reset when headers with HTTP/2 CONTINUATION frame are sent to the server and then a T...
CVE-2022-48063
...
CVE-2024-47834 GHSL-2024-280: Gstreamer Use-After-Free read in Matroska CodecPrivate
GStreamer is a library for constructing graphs of media-handling components. An Use-After-Free read vulnerability has been discovered affecting the processing of CodecPrivate elements in Matroska streams. In the GSTMATROSKAIDCODECPRIVATE case within the gstmatroskademuxparsestream function, a dat...
PT-2024-9348 · Microsoft · Office Excel
Name of the Vulnerable Software and Affected Versions: Microsoft Excel affected versions not specified Description: The issue is related to a remote code execution problem in Microsoft Excel. It involves the use of memory after it has been freed, which can be exploited by an attacker to execute...
CLSA-2024-1732197150 Fix of 20 CVEs
Update to 8u432-ga fixing a number of CVEs - CVE-2024-20918: missing array range check in C1 compiler leads to out-of-bounds access - CVE-2024-20919: unverified bytecode execution because of the flaw in JVM class file verifier - CVE-2024-20921: optimization issue of loop range check in IfNode and...
GPAC 资源管理错误漏洞
GPAC is an open source multimedia framework from GPAC Open Source. A resource management error vulnerability exists in GPAC version 2.3-DEV-revrelease, which stems from memory reuse after release...