CVE-2024-26001 PHOENIX CONTACT: Out of bounds write only memory access

An unauthenticated remote attacker can write memory out of bounds due to improper input validation in the MQTT stack. The brute force attack is not always successful because of memory randomization...

CVE-2024-26001 PHOENIX CONTACT: Out of bounds write only memory access

An unauthenticated remote attacker can write memory out of bounds due to improper input validation in the MQTT stack. The brute force attack is not always successful because of memory randomization...

CVE-2024-26000 PHOENIX CONTACT: Out of bounds read only memory access

An unauthenticated remote attacker can read memory out of bounds due to improper input validation in the MQTT stack. The brute force attack is not always successful because of memory randomization...

CVE-2024-26000 PHOENIX CONTACT: Out of bounds read only memory access

An unauthenticated remote attacker can read memory out of bounds due to improper input validation in the MQTT stack. The brute force attack is not always successful because of memory randomization...

CVE-2024-26000

CVE-2024-26000 affects Phoenix Contact CHARX SEC-3100 devices due to an out-of-bounds read in the MQTT stack caused by improper input validation. An unauthenticated remote attacker can read memory, with memory randomization reducing brute-force effectiveness. Multiple connected sources confirm th...

PT-2024-21273 · Phoenix Contact · Charx Sec-3100

Name of the Vulnerable Software and Affected Versions: Phoenix Contact CHARX SEC-3100 affected versions not specified Description: An unauthenticated remote attacker can read memory out of bounds due to improper input validation in the MQTT stack. The brute force attack is not always successful...

kernel: x86/mm: Randomize per-cpu entry area

A possible unauthorized memory access flaw was found in the Linux kernel cpuentryarea mapping of X86 CPU data to memory, where a user may guess the location of exception stacks or other important data. This issue could allow a local user to gain access to some important data with expected locatio...

CVE-2024-20748

Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...

CVE-2024-20747

Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...

CVE-2024-20735

Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...

CVE-2024-20734

Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction i...

CVE-2024-20722

Substance3D - Painter versions 9.1.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a...

PT-2024-1765 · Adobe · Substance3D - Painter

Name of the Vulnerable Software and Affected Versions: Substance3D - Painter versions 9.1.1 and earlier Description: The issue is related to an out-of-bounds read operation in memory, which could allow an attacker to disclose sensitive information. Exploitation of this issue requires user...

WordPress plugin File Manager security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

PT-2024-1701 · Adobe · Acrobat Reader +3

Name of the Vulnerable Software and Affected Versions: Adobe Acrobat versions prior to 20.005.30539 Adobe Acrobat Reader versions prior to 20.005.30539 Adobe Acrobat 2020 versions prior to 20.005.30539 Adobe Reader 2020 versions prior to 20.005.30539 Acrobat Reader versions 20.005.30539 and earli...

CVE-2024-20715

Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in tha...

CVE-2024-20710

Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in tha...

MediaTek Chip Security Breach

MediaTek chips are a variety of MediaTek chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips, which stems from the wlan driver using insufficiently randomized values, which may result in PIN cracking...

CVE-2023-47078

Adobe Dimension versions 3.4.10 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victi...

CVE-2023-47077

Adobe InDesign versions 19.0 and earlier and 17.4.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...