Imagination GPU Driver 安全漏洞

Imagination GPU Driver is a graphics driver from Imagination. A security vulnerability exists in Imagination GPU Driver that originates from software installed and run as an unprivileged user may be able to execute GPU system calls to read and write freed physical memory from the GPU...

Imagination GPU Driver 安全漏洞

Imagination GPU Driver is a graphics driver from Imagination. A security vulnerability exists in Imagination GPU Driver that originates from software installed and run as an unprivileged user may be able to execute GPU system calls to read and write freed physical memory from the GPU...

CVE-2024-47600

GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been detected in the formatchannelmask function in gst-discoverer.c. The vulnerability affects the local array position, which is defined with a fixed size of 64 elements. However, the...

CVE-2024-47778 GHSL-2024-258: GStreamer has an OOB-read in gst_wavparse_adtl_chunk

GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been discovered in gstwavparseadtlchunk within gstwavparse.c. This vulnerability arises due to insufficient validation of the size parameter, which can exceed the bounds of the data buffer. ...

CVE-2024-47600 GHSL-2024-248: GStreamer has an OOB-read in format_channel_mask

GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been detected in the formatchannelmask function in gst-discoverer.c. The vulnerability affects the local array position, which is defined with a fixed size of 64 elements. However, the...

CVE-2024-47543 GHSL-2024-236: GStreamer has an OOB-read in qtdemux_parse_container

GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been discovered in qtdemuxparsecontainer function within qtdemux.c. In the parent function qtdemuxparsenode, the value of length is not well checked. So, if length is big enough, it causes t...

PT-2024-16873 · Autodesk · Autodesk Revit

Name of the Vulnerable Software and Affected Versions: Autodesk Revit affected versions not specified Description: A maliciously crafted PDF file, when parsed through Autodesk Revit, can force an Out-of-Bounds Read. This issue can be leveraged by a malicious actor to cause a crash or could lead t...

Imagination GPU Driver 安全漏洞

Imagination GPU Driver is a graphics driver from Imagination. A security vulnerability exists in Imagination GPU Driver that originates from software installed and run as an unprivileged user that may make improper GPU system calls to enable unauthorized reads and writes to physical memory of the...

CVE-2024-34594

Exposure of sensitive information in proc file system prior to SMR Jul-2024 Release 1 allows local attackers to read kernel memory address...

Astra Linux – Vulnerability in Firefox

An attacker could have caused a use-after-free in the JavaScript engine, allowing them to read memory from the JavaScript string section of the heap. This vulnerability affects Firefox versions earlier than 127...

CVE-2024-36699

A flaw was found in GNU Debugger in versions 8.2 through 14.2. This issue contains a buffer overflow via the gdb.selectedinferior.readmemory component at utils.c...

CVE-2024-36699

The connected records indicate a vulnerability in GNU Debugger (GDB) affecting versions 8.2 through 14.2, caused by a buffer overflow in gdb.selected_inferior().read_memory within utils.c. Red Hat notes a buffer overflow in this component; SUSE and OSV references reinforce the issue as CVE-2024-3...

CVE-2024-36699

...

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A post-release reuse vulnerability exists in versions prior to Mozilla Firefox 127, which can be exploited by an attacker to read memory in the JavaScript string portion of the heap...

CVE-2024-23527

An out-of-bounds read vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3, in certain conditions can allow an unauthenticated remote attacker to read sensitive information in memory...

OESA-2024-1438 jpegoptim security update

Jpegoptim is an utility to optimize JPEG files. Provides lossless optimization based on optimizing the Huffman tables and "lossy" optimization based on setting maximum quality factor. Security Fixes: JPEGOPTIM v1.4.7 was discovered to contain a segmentation violation which is caused by a READ...

PT-2024-18744 · Unknown · Libsubextractor.So

Name of the Vulnerable Software and Affected Versions: libsubextractor.so versions prior to SMR Mar-2024 Release 1 Description: The issue is an out of bounds read vulnerability in the ssmis get frm function within libsubextractor.so. This allows local attackers to read out of bounds memory...

CVE-2024-20748

Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...

CVE-2024-20742 Adobe Substance 3D Paint RAS File Parsing Out-Of-Bounds Read Vulnerability

Substance3D - Painter versions 9.1.1 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current...

PT-2023-35651 · Git +1 · Libxml2

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-use-after-free READ 1 crash type. The crash state involves functions such as htmlParseDocument, htmlDoRead, and...