
1410 matches found

Veracode
added 2024/09/09 6:52 a.m. · 10 views

Insufficient Randomization And Data Exposure

github.com/consensys/gnark is vulnerable to Insufficient Randomization and Data Exposure. The vulnerability is due to the lack of additional randomized values in the commitments, which allows an attacker to deduce the witness values through enumeration if those values are small...

CVSS 5.9 · AI score 6.6 · EPSS 0.00427
Exploits: 0 · References: 4 · Affected Software: 1
SUSE CVE
added 2024/09/05 2:47 a.m. · 1 views

SUSE CVE-2024-44959

In the Linux kernel, the following vulnerability has been resolved: tracefs: Use generic inode RCU for synchronizing freeing. With structure layout randomization enabled for 'struct inode' we need to avoid overlapping any of the RCU-used / initialized-only-once members, e.g. i_lru or i_sb_list to not...

CVSS 5.5 · AI score 7.5 · EPSS 0.00212
Exploits: 0 · References: 3
RedhatCVE
added 2024/09/04 8:45 p.m. · 21 views

CVE-2024-44959

In the Linux kernel, the following vulnerability has been resolved: tracefs: Use generic inode RCU for synchronizing freeing. With structure layout randomization enabled for 'struct inode' we need to avoid overlapping any of the RCU-used / initialized-only-once members, e.g. i_lru or i_sb_list to not...

CVSS 4.4 · AI score 6.8 · EPSS 0.00212
Exploits: 0 · References: 4
NVD
added 2024/09/04 7:15 p.m. · 14 views

CVE-2024-44959

In the Linux kernel, the following vulnerability has been resolved: tracefs: Use generic inode RCU for synchronizing freeing. With structure layout randomization enabled for 'struct inode' we need to avoid overlapping any of the RCU-used / initialized-only-once members, e.g. i_lru or i_sb_list to not...

CVSS 5.5 · EPSS 0.00212
Exploits: 0 · References: 3
CVE
added 2024/09/04 6:35 p.m. · 84 views

CVE-2024-44959

The CVE-2024-44959 entry concerns the Linux kernel tracefs component. It describes a root cause in the in-kernel memory reclaim path where structure layout randomization of struct inode can cause overlapping or misused RCU fields during freeing, potentially triggering list corruption (list_del) a...

CVSS 5.5 · AI score 5 · EPSS 0.00212
Exploits: 0 · References: 3 · Affected Software: 1
Cvelist
added 2024/09/04 6:35 p.m. · 25 views

CVE-2024-44959 tracefs: Use generic inode RCU for synchronizing freeing

In the Linux kernel, the following vulnerability has been resolved: tracefs: Use generic inode RCU for synchronizing freeing. With structure layout randomization enabled for 'struct inode' we need to avoid overlapping any of the RCU-used / initialized-only-once members, e.g. i_lru or i_sb_list to not...

EPSS 0.00212
Exploits: 0 · References: 3
OSV
added 2024/08/14 3:15 p.m. · 1 views

CVE-2024-41832

Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this...

CVSS 5.5 · AI score 5.8
Exploits: 0 · References: 2
OSV
added 2024/08/14 3:15 p.m. · 1 views

CVE-2024-41833

Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this...

CVSS 5.5 · AI score 5.8 · EPSS 0.01508
Exploits: 0 · References: 1
OSV
added 2024/08/14 3:15 p.m. · 2 views

CVE-2024-34126

Dimension versions 3.4.11 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must...

CVSS 5.5 · AI score 5.8 · EPSS 0.00317
Exploits: 0 · References: 1
OSV
added 2024/08/14 3:15 p.m. · 2 views

CVE-2024-20790

Dimension versions 3.4.11 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must...

CVSS 5.5 · AI score 5.8 · EPSS 0.00245
Exploits: 0 · References: 1
Positive Technologies
added 2024/08/14 12:0 a.m. · 4 views

PT-2024-29604 · Adobe · Substance3D - Sampler

Name of the Vulnerable Software and Affected Versions: Substance3D - Sampler versions 4.5 and earlier Description: The issue is an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as Addres...

CVSS 5.5 · AI score 6.4 · EPSS 0.00228
Exploits: 0 · References: 4
Positive Technologies
added 2024/08/13 12:0 a.m. · 3 views

PT-2024-25708 · Adobe · Dimension

Name of the Vulnerable Software and Affected Versions: Adobe Dimension versions 3.4.11 and earlier Description: The issue is an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR...

CVSS 5.5 · AI score 6.6 · EPSS 0.00317
Exploits: 0 · References: 4
Positive Technologies
added 2024/08/13 12:0 a.m. · 3 views

PT-2024-25707 · Adobe · Dimension

Name of the Vulnerable Software and Affected Versions: Adobe Dimension versions 3.4.11 and earlier Description: The issue is an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR...

CVSS 5.5 · AI score 6.6 · EPSS 0.00274
Exploits: 0 · References: 4
Positive Technologies
added 2024/08/13 12:0 a.m. · 2 views

PT-2024-5922 · Adobe · Acrobat Reader

Name of the Vulnerable Software and Affected Versions: Adobe Acrobat Reader versions 20.005.30636, 24.002.20964, 24.001.30123, 24.002.20991 and earlier Description: The issue is related to a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage...

CVSS 5.5 · AI score 6.8 · EPSS 0.003
Exploits: 0 · References: 11
ATTACKERKB
added 2024/07/02 7:15 p.m. · 2 views

CVE-2022-25477

Vulnerability in Realtek RtsPer driver for PCIe Card Reader RtsPer.sys before 10.0.22000.21355 and Realtek RtsUer driver for USB Card Reader RtsUer.sys before 10.0.22000.31274 leaks driver logs that contain addresses of kernel mode objects, weakening KASLR...

CVSS 5.5 · AI score 5.3 · EPSS 0.00181
Exploits: 0 · References: 5
Tenable Nessus
added 2024/06/24 12:0 a.m. · 23 views

Amazon Linux 2 : kernel (ALASKERNEL-5.4-2024-073)

The version of kernel installed on the remote host is prior to 5.4.149-73.259. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2024-073 advisory. A flaw was found in the Linux kernel. When reusing a socket with an attached dccps_hc_tx_ccid as a listener, t...

CVSS 7.8 · AI score 6.8 · EPSS 0.0674
Exploits: 1 · References: 10
BDU FSTEC
added 2024/06/21 12:0 a.m. · 4 views

The Adobe Audition vulnerability involves operations performed beyond buffer boundaries in memory. This allows attackers to disclose protected information and bypass the ASLR protection mechanism.

The vulnerability of Adobe Audition is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to disclose protected information and bypass the ASLR protection mechanism...

CVSS 5.5 · AI score 5.8 · EPSS 0.00486
Exploits: 0 · References: 2 · Affected Software: 1
Positive Technologies
added 2024/06/11 12:0 a.m. · 2 views

PT-2024-4223 · Adobe · Media Encoder

Name of the Vulnerable Software and Affected Versions: Adobe Media Encoder versions 23.6.5, 24.3 and earlier Description: The issue is related to an out-of-bounds read vulnerability in the Adobe Media Encoder application, which could allow an attacker to disclose sensitive memory information. Thi...

CVSS 5.5 · AI score 6.9 · EPSS 0.00409
Exploits: 0 · References: 4
BDU FSTEC
added 2024/05/24 12:0 a.m. · 2 views

The vulnerability of Adobe After Effects’ video and dynamic image editing software arises from operations that go beyond buffer boundaries in memory. This allows attackers to gain unauthorized access to protected information and circumvent the ASLR protection mechanism.

The vulnerability of Adobe After Effects video and dynamic image editing software relates to the execution of operations beyond buffer boundaries in memory. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information and bypass security mechanisms like...

CVSS 5.5 · AI score 5.8 · EPSS 0.00439
Exploits: 0 · References: 2 · Affected Software: 1
BDU FSTEC
added 2024/05/22 12:0 a.m. · 2 views

The vulnerability of the Adobe Animate software for creating multimedia and computer animations lies in the possibility of an operation going beyond the buffer in memory. This allows attackers to gain unauthorized access to protected information and circumvent the ASLR protection mechanism.

The vulnerability of the Adobe Animate program for creating multimedia and computer animations is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information and bypass the...

CVSS 5.5 · AI score 5.8 · EPSS 0.00288
Exploits: 0 · References: 2 · Affected Software: 1