Johnson Controls iSTAR Configuration Utility security vulnerability

Johnson Controls iSTAR Configuration Utility is a software tool developed by Johnson Controls for configuring and managing iSTAR Controllers. Versions of the ICU 6.9.7 and earlier contain security vulnerabilities; these vulnerabilities stem from stack buffer overflows, which may lead to operating...

The vulnerability of embedded software developed by Qualcomm, related to the execution of operations outside the buffer in memory, allows attackers to cause system failures.

The vulnerability of embedded Qualcomm software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause system failures...

The vulnerability of embedded software developed by Qualcomm, related to the execution of operations outside the buffer in memory, allows attackers to cause system failures.

The vulnerability of embedded Qualcomm software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause system failures...

The vulnerability of the gpiolib-cdev.c component in the Linux operating system’s kernel allows a hacker to cause service interruptions as well as trigger system failures.

The vulnerability of the gpiolib-cdev.c component in the Linux operating system is related to errors during initialization of variables. Exploiting this vulnerability can allow an attacker to cause service failures...

A week with a "smart" car

Welcome to this week's edition of the Threat Source newsletter. June 9 was Whit Monday -- a bank holiday here in Germany -- so I decided to take the whole week off. It turned out to be the perfect opportunity to try out a brand new car. Little did I know, I was about to get a crash course in mode...

The vulnerability of Intel graphics processor microsoftware relates to the execution of operations beyond buffer boundaries in memory. This allows attackers to gain unauthorized access to protected information or cause service failures.

The vulnerability of Intel graphics processor microsoftware is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information or cause system failures...

The vulnerability of Intel graphics processor microsoftware, related to insufficient checking of input data, allows a hacker to trigger a service failure.

The vulnerability of Intel graphics processor microsoftware is related to insufficient testing of input data. Exploiting this vulnerability can allow attackers to cause system failures...

The vulnerability in the kernel implementation of NVIDIA GeForce, Quadro, NVS, and Tesla graphics processors allows a hacker to cause service failures.

The vulnerability of the kernel-based implementations of NVIDIA GeForce, Quadro, NVS, and Tesla graphics processors is related to pointer dereferencing errors. Exploiting this vulnerability can allow an attacker to cause system failures...

The vulnerability of the kernel-level driver nvlddmkm.sys from NVIDIA’s graphics processing units, including GeForce, Quadro, NVS, and Tesla, allows attackers to cause system failures or gain unauthorized access to protected information.

The vulnerability of the kernel mode driver nvlddmkm.sys of NVIDIA’s graphics processing units, including GeForce, Quadro, NVS, and Tesla, relates to reading beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause system failures or gain unauthorized...

Vulnerability of the hv_uio_cleanup() function in the drivers/uio/uio_hv_generic.c module – Linux kernel’s input/output driver that allows a hacker to cause a service failure

Vulnerability of the hvuiocleanup function in the drivers/uio/uiohvgeneric.c module – Linux kernel’s input/output driver support has a vulnerability that exposes confidential information. Exploiting this vulnerability could allow an attacker to cause system failures...

Vulnerability of the auto_active() function in the drivers/gpu/drm/i915/i915_active.c module – A driver for supporting Linux kernel’s Direct Rendering Infrastructure (DRI), which allows a hacker to trigger a service failure.

Vulnerability of the autoactive function in the drivers/gpu/drm/i915/i915active.c module – The driver for Linux’s Direct Rendering Infrastructure DRI kernel is vulnerable due to improper input validation. Exploiting this vulnerability could allow an attacker to cause system failures...

Vulnerability of the ci_hdrc_imx_probe() function in the drivers/usb/chipidea/ci_hdrc_imx.c module – This driver provides support for USB devices on Linux kernels. It can be exploited by attackers to cause system failures.

Vulnerability of the cihdrcimxprobe function in the drivers/usb/chipidea/cihdrcimx.c module – The Linux kernel’s USB device support driver is vulnerable due to a pointer issue related to NULL pointers. Exploiting this vulnerability could allow an attacker to cause system failures...

Linux Distros Unpatched Vulnerability : CVE-2024-57881

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: don't call pfntopage on possibly non-existent PFN in splitlargebuddy In...

The vulnerability of the integrated data streaming accelerator Intel Data Streaming Accelerator (Intel DSA), a microprogramming-based software component of Intel processors, arises due to incorrect sequence of processor instructions. This vulnerability allows attackers to trigger a system failure.

The vulnerability of the integrated data streaming accelerator Intel Data Streaming Accelerator Intel DSA in Intel microcomputer software is related to incorrect sequence of processor instructions. Exploiting this vulnerability can allow attackers to cause system failures...

The vulnerability of the KONG microprogramming software for Broadcom P225p NetXtreme-E dual-port 10Gb/25Gb Ethernet PCIe adapters and Broadcom NetXtreme-E family Ethernet controllers allows a malicious actor to execute arbitrary code and cause system failures.

The vulnerability of the KONG microprogramming software-based Broadcom P225p NetXtreme-E dual-port 10Gb/25Gb Ethernet PCIe adapter relates to buffer overflow attacks. Exploiting this vulnerability allows an attacker to execute arbitrary code and cause system failures...

The vulnerability of the DWFX software file used for viewing 3D models and project documents in Autodesk Navisworks Freedom; the software for modeling and analyzing 3D models in Autodesk Navisworks Simulate; and the software for analyzing, coordinating, and verifying 3D models and project data in Autodesk Navisworks Manage. This allows a malicious individual to cause service interruptions or execute arbitrary code.

The vulnerability of the DWFX software for viewing 3D models and project documents, as well as the software for modeling and analysis of 3D models Autodesk Navisworks Freedom, the software for analyzing, coordinating, and verifying 3D models and project data Autodesk Navisworks Manage, is related...

The vulnerability of the UEFI Firmware component of Intel microprogramming systems, related to resource release errors, allows a hacker to cause a system failure.

The vulnerability of the UEFI Firmware component of Intel microprocessors is related to resource release errors. Exploiting this vulnerability can allow an attacker to cause system failures...

The vulnerability of embedded software developed by Qualcomm, related to operations that occur outside of the buffer in memory, allows attackers to disclose protected information or cause system failures.

The vulnerability of embedded Qualcomm software is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to disclose protected information or cause system failures...

The vulnerability of the NVIDIA GPU Display Driver software driver allows a hacker to execute arbitrary code and disclose protected information.

The vulnerability of the NVIDIA GPU Display Driver software driver is related to initialization errors. Exploiting this vulnerability allows an attacker to cause system failures and disclose sensitive information...

The vulnerability of the NVIDIA GPU Display Driver software driver allows a hacker to execute arbitrary code and disclose protected information.

The vulnerability of the NVIDIA GPU Display Driver software driver is related to the assignment of a zero pointer. Exploiting this vulnerability allows an attacker to cause system failures and disclose sensitive information...