958 matches found
USN-7179-1: Linux kernel vulnerabilities
Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-12351) Andy Nguyen discovered that the...
CVE-2024-9717
Trimble SketchUp Viewer SKP File Parsing Uninitialized Variable Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the...
CVE-2024-8842
PDF-XChange Editor RTF File Parsing Uninitialized Variable Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must...
CVE-2024-8842
PDF-XChange Editor is affected by CVE-2024-8842 due to an uninitialized memory access in the RTF file parsing path, enabling potential remote code execution. The flaw is triggered when a user opens a malicious RTF file or visits a page hosting exploit code, with the attacker gaining code executio...
CVE-2024-8842 PDF-XChange Editor RTF File Parsing Uninitialized Variable Remote Code Execution Vulnerability
PDF-XChange Editor RTF File Parsing Uninitialized Variable Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must...
CVE-2024-9717
CVE-2024-9717 affects Trimble SketchUp Viewer through the SKP file parser, where an uninitialized memory access allows remote code execution. The vulnerability enables an attacker to execute arbitrary code in the context of the target process when a user opens a malicious SKP file or visits a cra...
CVE-2024-9717 Trimble SketchUp Viewer SKP File Parsing Uninitialized Variable Remote Code Execution Vulnerability
Trimble SketchUp Viewer SKP File Parsing Uninitialized Variable Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the...
SUSE CVE-2024-50164
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix overloading of MEM_UNINIT's meaning. Lonial reported an issue in the BPF verifier where check_mem_size_reg() has the following code: if (!tnum_is_const(reg->var_off)) /* For unprivileged variable accesses, disable raw mode so that the...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the presence of a memory corruption problem during fq dma initialization...
DEBIAN-CVE-2024-50164
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix overloading of MEM_UNINIT's meaning. Lonial reported an issue in the BPF verifier where check_mem_size_reg() has the following code: if (!tnum_is_const(reg->var_off)) /* For unprivileged variable accesses, disable raw mode so that the...
RHEL 6 / 7 : httpd24-httpd (RHSA-2017:2483)
The remote Red Hat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:2483 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: It was discovered...
Autodesk AutoCAD DXF File Parsing Uninitialized Variable Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DX...
AZL-52089 CVE-2024-50076 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: vt: prevent kernel-infoleak in con_font_get(). font.data may not initialize all memory spaces depending on the implementation of vc->vc_sw->con_font_get. This may cause info-leak, so to prevent this, it is safest to modify it to initialize...
UBUNTU-CVE-2024-50076
In the Linux kernel, the following vulnerability has been resolved: vt: prevent kernel-infoleak in con_font_get(). font.data may not initialize all memory spaces depending on the implementation of vc->vc_sw->con_font_get. This may cause info-leak, so to prevent this, it is safest to modify it to initialize...
ROS-20241021-03
A vulnerability in the tic4x_print_cond function of the opcodes/tic4x-dis.c component of the GNU development tool Binutils is related to memory initialization errors. Exploitation of the vulnerability allows an attacker, acting remotely, to gain access to confidential data...
SUSE CVE-2024-47728
In the Linux kernel, the following vulnerability has been resolved: bpf: Zero former ARG_PTR_TO_{LONG,INT} args in case of error. For all non-tracing helpers which formerly had ARG_PTR_TO_{LONG,INT} as input arguments, zero the value for the case of an error as otherwise it could leak memory. For tracing, i...
AZL-50703 CVE-2024-47728 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: bpf: Zero former ARG_PTR_TO_{LONG,INT} args in case of error. For all non-tracing helpers which formerly had ARG_PTR_TO_{LONG,INT} as input arguments, zero the value for the case of an error as otherwise it could leak memory. For tracing, i...
AZL-50972 CVE-2024-47728 affecting package kernel for versions less than 6.6.56.1-5
In the Linux kernel, the following vulnerability has been resolved: bpf: Zero former ARG_PTR_TO_{LONG,INT} args in case of error. For all non-tracing helpers which formerly had ARG_PTR_TO_{LONG,INT} as input arguments, zero the value for the case of an error as otherwise it could leak memory. For tracing, i...