PT-2024-34178 · Qnap · Qnap Qts +1

Name of the Vulnerable Software and Affected Versions: QNAP QTS versions prior to 5.2.1.2930 build 20241025 QNAP QuTS hero versions prior to h5.2.1.2929 build 20241025 Description: A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system...

PT-2024-34176 · Qnap · Qnap Qts +1

Name of the Vulnerable Software and Affected Versions: QNAP QTS versions prior to 5.2.1.2930 build 20241025 QNAP QuTS hero versions prior to h5.2.1.2929 build 20241025 Description: A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system...

CVE-2024-36461

Within Zabbix, users have the ability to directly modify memory pointers in the JavaScript engine...

CVE-2024-36461

Within Zabbix, users have the ability to directly modify memory pointers in the JavaScript engine...

CVE-2024-36461 Direct access to memory pointers within the JS engine for modification

Within Zabbix, users have the ability to directly modify memory pointers in the JavaScript engine...

CVE-2024-36461

CVE-2024-36461 affects Zabbix where a user can directly modify memory pointers in the JavaScript engine, enabling remote code execution with limited privileges. Public advisories in multiple distros corroborate the vulnerability and list patches: openSUSE/SUSE notes CVE-36461 fixed in Zabbix 6.0....

AutomationDirect P3-550E Telnet Diagnostic Interface leftover debug code vulnerability

Talos Vulnerability Report TALOS-2024-1942 AutomationDirect P3-550E Telnet Diagnostic Interface leftover debug code vulnerability May 28, 2024 CVE Number CVE-2024-21785 SUMMARY A leftover debug code vulnerability exists in the Telnet Diagnostic Interface functionality of AutomationDirect P3-550E...

CVE-2023-37192

Memory management and protection issues in Bitcoin Core v22 allows attackers to modify the stored sending address within the app's memory, potentially allowing them to redirect Bitcoin transactions to wallets of their own choosing...

Video Downloader 安全漏洞

Video Downloader is a video download application. A security vulnerability exists in Video Downloader version 1.0.6, which stems from the fact that an attacker can modify the data in any file that is loaded into memory when the application is opened...

SUSE SLES12 Security Update : openvswitch (SUSE-SU-2023:2259-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2259-1 advisory. - In ovs versions v0.90.0 through v2.5.0 are vulnerable to heap buffer over-read in flow.c. An unsafe comparison of minimasks function could le...

GLSA-202305-16 : Vim, gVim: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202305-16 Vim, gVim: Multiple Vulnerabilities - Use after free in utfptr2char in GitHub repository vim/vim prior to 8.2.4646. CVE-2022-1154 - heap buffer overflow in getonesourceline in GitHub repository vim/vim prior to 8.2.4647...

Security Bulletin: IBM Content Manager Enterprise Edition is affected by a vulnerability in Eclipse Openj9

Summary There is a vulnerability in Eclipse Openj9 used by IBM Content Manager Enterprise Edition. IBM Content Manager Enterprise Edition has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2022-3676 DESCRIPTION: Eclipse Openj9 could allow a remote attacker to bypass security...

CVE-2023-0206

NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may modify arbitrary memory of SMRAM by exploiting the NVME SMM API. A successful exploit of this vulnerability may lead to denial of service, escalation of privileges, and information disclosure...

CVE-2023-0206

NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may modify arbitrary memory of SMRAM by exploiting the NVME SMM API. A successful exploit of this vulnerability may lead to denial of service, escalation of privileges, and information disclosure...

Information disclosure

NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may modify arbitrary memory of SMRAM by exploiting the GenericSio and LegacySmmSredir SMM APIs. A successful exploit of this vulnerability may lead to denial of service, escalation of privileges, and information disclosure...

Information disclosure

NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may modify arbitrary memory of SMRAM by exploiting the NVME SMM API. A successful exploit of this vulnerability may lead to denial of service, escalation of privileges, and information disclosure...

CVE-2023-0206

The CVE-2023-0206 entry affects NVIDIA DGX A100 SBIOS and describes an attack surface where an attacker may modify arbitrary memory in SMRAM by exploiting the NVME SMM API, potentially leading to denial of service, privilege escalation, and information disclosure. The NVIDIA firmware security bul...

CVE-2023-0206

NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may modify arbitrary memory of SMRAM by exploiting the NVME SMM API. A successful exploit of this vulnerability may lead to denial of service, escalation of privileges, and information disclosure...

CVE-2023-0202

CVE-2023-0202 affects NVIDIA DGX A100 SBIOS. An attacker can modify arbitrary memory in SMRAM by abusing the GenericSio and LegacySmmSredir SMM APIs, potentially causing denial of service, privilege escalation, and information disclosure. The issue is acknowledged in NVIDIA’s March 2023 bulletin ...

CVE-2023-0202

NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may modify arbitrary memory of SMRAM by exploiting the GenericSio and LegacySmmSredir SMM APIs. A successful exploit of this vulnerability may lead to denial of service, escalation of privileges, and information disclosure...