Adobe Acrobat Reader Buffer Error Vulnerability

Adobe Acrobat Reader is a PDF viewer from the American company Audobee Adobe. The software is used to print, sign and annotate PDFs. A buffer error vulnerability previously existed in Adobe Acrobat Reader version 23.003.20244, which stems from being affected by the Access to Uninitialized Pointer...

MIT Kerberos Buffer Error Vulnerability

MIT Kerberos is a Massachusetts Institute of Technology MIT software for authentication in network clusters.Kerberos also serves as a network authentication protocol designed to provide strong authentication services to client/server applications through a key system. A security vulnerability...

Heap overflow

All versions of GE Digital CIMPLICITY that are not adhering to SDG guidance and accepting documents from untrusted sources are vulnerable to memory corruption issues due to insufficient input validation, including issues such as out-of-bounds reads and writes, use-after-free, stack-based buffer...

CVE-2023-3463 GE Digital CIMPLICITY Heap-based Buffer Overflow

All versions of GE Digital CIMPLICITY that are not adhering to SDG guidance and accepting documents from untrusted sources are vulnerable to memory corruption issues due to insufficient input validation, including issues such as out-of-bounds reads and writes, use-after-free, stack-based buffer...

kernel: RDMA/rxe: Fix "kernel NULL pointer dereference" error

A NULL pointer dereference vulnerability was found in the RXE Soft-RoCE RDMA driver in the Linux kernel. When rxequeueinit fails during queue pair initialization in rxeqpinitreq, the task function and argument pointers qp-req.task.func and qp-req.task.arg remain uninitialized. The cleanup functio...

Autodesk 3ds Max 缓冲区错误漏洞

Autodesk 3ds Max is a full-featured, three-dimensional computer graphics software from the American company Autodesk. A security vulnerability exists in Autodesk 3ds Max USD version 0.4, which originates from the possibility that an attacker could trick a user into opening a malicious USD file,...

SUSE CVE-2006-6144

The "mechglue" abstraction interface of the GSS-API library for Kerberos 5 1.5 through 1.5.1, as used in Kerberos administration daemon kadmind and other products that use this library, allows remote attackers to cause a denial of service crash via unspecified vectors that cause mechglue to free...

SUSE CVE-2020-5972

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which local pointer variables are not initialized and may be freed later, which may lead to tampering or denial of service. This affects vGPU version 8.x prior to 8.4, version 9.x prior to 9.4 and version 10.x prior to 10....

Qualcomm 芯片缓冲区错误漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way of miniaturizing circuits mainly semiconductor devices, but also passive components, etc. and is often manufactured on the surface of semiconductor wafers. A security vulnerability exists in the Bluetooth module of the Qualcomm chip,...

CVE-2022-38138

The Triangle Microworks IEC 61850 Library Any client or server using the C language library with a version number of 11.2.0 or earlier and any client or server using the C++, C, or Java language library with a version number of 5.0.1 or earlier and 60870-6 ICCP/TASE.2 Library Any client or server...

CVE-2022-38138

The CVE-2022-38138 vulnerability affects Triangle Microworks IEC 61850 Library (C: 11.2.0 and earlier) and IEC 60870-6 ICCP/TASE.2 Library (C++: 4.4.3 and earlier); as well as the C++, C#, or Java variants (5.0.1 and earlier). Root cause: access to a small set of uninitialized pointers in the lib...

Ansys SpaceClaim 缓冲区错误漏洞

Ansys SpaceClaim is a solid modeling CAD software from Ansys Corporation. A security vulnerability exists in Ansys SpaceClaim 2022 R1, which arises from the parsing of XB files that are not properly initialized before accessing pointers, allowing an attacker to execute code in the context of the...

多款Triangle Microworks产品缓冲区错误漏洞

Triangle Microworks TMW IEC 61850 Software Library and Triangle Microworks TMW IEC 60870-6 ICCP/TASE.2 Software Library are both SCADA communication protocol software libraries from Triangle Microworks, Inc. Triangle Microworks TMW IEC 60870-6 ICCP/TASE.2 Software Library are SCADA communication...

SUSE: Security Advisory (SUSE-SU-2022:2292-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2022:2292-1 Security update for php7

This update for php7 fixes the following issues: - CVE-2021-21707: Fixed a special character breaks path in xml parsing. bsc1193041 - CVE-2022-31625: Fixed uninitialized pointers free in Postgres extension. bsc1200645 - CVE-2022-31626: Fixed buffer overflow via user-supplied password when using...

SUSE: Security Advisory (SUSE-SU-2022:2275-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2022:2275-1 Security update for php7

This update for php7 fixes the following issues: - CVE-2022-31625: Fixed uninitialized pointers free in Postgres extension. bsc1200645 - CVE-2022-31626: Fixed buffer overflow via user-supplied password when using pdomysql extension with mysqlnd driver. bsc1200628...

CODESYS 缓冲区错误漏洞

CODESYS is a controller development system from 3S-Smart Software Solutions, Germany. A security vulnerability exists in several CODESYS products, which can be exploited by a low-privileged remote attacker to craft a request that results in read access to uninitialized pointers, leading to a deni...

SUSE: Security Advisory (SUSE-SU-2022:2161-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2022:2161-1 Security update for php74

This update for php74 fixes the following issues: - CVE-2022-31625: Fixed uninitialized pointers free in Postgres extension. bsc1200645 - CVE-2022-31626: Fixed buffer overflow via user-supplied password when using pdomysql extension with mysqlnd driver. bsc1200628...