CVE-2022-50795 SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Conditional Command Injection via traceroute.php

SOUND4 IMPACT/FIRST/PULSE/Eco =2.x contains a conditional command injection vulnerability that allows local authenticated users to create malicious files in the /tmp directory. Unauthenticated attackers can execute commands by making a single HTTP POST request to the traceroute.php script, which...

AzeoTech DAQFactory Use After Release Vulnerability

AzeoTech DAQFactory is a data acquisition and monitoring software developed by AzeoTech, Inc. and commonly used in industrial automation. AzeoTech DAQFactory suffers from a release-after-use vulnerability that originates from a release-after-reuse vulnerability in the parsing of a specially craft...

AzeoTech DAQFactory 资源管理错误漏洞

AzeoTech DAQFactory is a data acquisition and monitoring software developed by AzeoTech, Inc. and commonly used in industrial automation. AzeoTech DAQFactory suffers from a release-after-use vulnerability that originates from a release-after-reuse vulnerability in the parsing of a specially craft...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a contention condition for RPC handle list access that could result in data corruption or release after use...

SUSE SLES15 Security Update : podofo (SUSE-SU-2025:03533-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2025:03533-1 advisory. - fixed a free-after-use in PdfTokenizer bsc1249105 Tenable has extracted the preceding description block directly from the SUSE security advisory. No...

SUSE-SU-2025:03533-1 Security update for podofo

This update for podofo fixes the following issues: - fixed a free-after-use in PdfTokenizer bsc1249105...

ROS-20250409-01

A vulnerability in the NFSD component of the Linux kernel is related to the dereferencing of a NULL pointer in the nfsd4processcbupdate function in fs/nfsd/nfs4callback.c. Exploitation of the vulnerability could allow an an attacker to cause a denial of service A vulnerability in the ALSA compone...

ROS-20250325-01

A vulnerability in the net component of the Linux kernel is related to a read error outside the allowed range in drivers/net/wwan/wwancore.c. valid range in drivers/net/wwan/wwancore.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the n...

ROS-20250314-01

Vulnerability of x86/bugs components of Linux operating system kernel is related to resource management errors in the arch/x86/include/asm/nospec-branch.h file. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the mptcp component of the Lin...

Linux kernel 资源管理错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A resource management error vulnerability exists in Linux kernel that stems from a read-after-use issue in tipcnamedreinit...

crypto: aeadcipher - zeroize key buffer after use

...

UBUNTU-CVE-2024-42229

In the Linux kernel, the following vulnerability has been resolved: crypto: aead,cipher - zeroize key buffer after use I.G 9.7.B for FIPS 140-3 specifies that variables temporarily holding cryptographic information should be zeroized once they are no longer needed. Accomplish this by using...

UBUNTU-CVE-2023-52679

In the Linux kernel, the following vulnerability has been resolved: of: Fix double free in ofparsephandlewithargsmap In ofparsephandlewithargsmap the inner loop that iterates through the map entries calls ofnodeputnew to free the reference acquired by the previous iteration of the inner loop. Thi...

Rockwell Automation Arena Simulation Software 资源管理错误漏洞

Rockwell Automation Arena Simulation Software is a suite of simulation software from Rockwell Automation that provides 3D animation and graphics capabilities. A free after-use vulnerability exists in Rockwell Automation Arena Simulation Software, which can be exploited by attackers to insert...

Huawei HarmonyOS 资源管理错误漏洞

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scenario distributed operating system based on a microkernel.Huawei EMUI is a user interface developed by Huawei based on the Android operating system. A memory misreference hole exists in Huawei HarmonyOS...

Siemens Solid Edge, JT2Go and Teamcenter Free After Use Vulnerability

JT2Go is a 3D JT viewing tool that allows users to view JT, PDF, Solid Edge, PLM XML with available JT, VFZ, CGM, and TIF data.Solid Edge is a portfolio of software tools that address a variety of product development processes: 3D design, simulation, manufacturing, and design management.Teamcente...

Siemens 多款产品 资源管理错误漏洞

JT2Go is a 3D JT viewing tool that allows users to view JT, PDF, Solid Edge, PLM XML with available JT, VFZ, CGM, and TIF data.Solid Edge is a portfolio of software tools that address a variety of product development processes: 3D design, simulation, manufacturing, and design management.Teamcente...

DEBIAN-CVE-2023-29480

Ribose RNP before 0.16.3 sometimes lets secret keys remain unlocked after use...

Google Pixel 资源管理错误漏洞

Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from a security vulnerability that stems from free after use and may write out of bounds...

Siemens JT2Go和Teamcenter 资源管理错误漏洞

JT2Go is a 3D JT viewing tool that allows users to view JT, PDF, Solid Edge, PLM XML, and available JT, VFZ, CGM, and TIF data. teamcenter Visualization enables companies to enhance their product lifecycle management PLM environments with a comprehensive family of visualization solutions. The...