296 matches found
Azure Linux 3.0 Security Update: kernel (CVE-2024-42083)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-42083 advisory. - In the Linux kernel, the following vulnerability has been resolved: ionic: fix kernel panic due to multi-...
BIT-RUBY-MIN-2020-10933
An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls BasicSocketreadnonblockrequestedsize, buffer, exception: false, the method resizes the buffer to fit the requested size, but no data is copied. Thus, the buffer string provides the previous valu...
The vulnerability of the sub_422eb8() function in Linksys E8450 Wi-Fi router software allows a hacker to induce a service failure.
The vulnerability of the sub422eb8 function in Linksys E8450 Wi-Fi routers’ microprogrammed software involves copying buffers without checking the size of the input data during the strcopy parameter processing. Exploiting this vulnerability can allow an attacker to cause service interruptions...
CVE-2024-57943
In the Linux kernel, the following vulnerability has been resolved: exfat: fix the new buffer was not zeroed before writing Before writing, if a bufferhead marked as new, its data must be zeroed, otherwise uninitialized data in the page cache will be written. So this commit uses foliozeronewbuffe...
PT-2025-36282
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue within the as73211 driver related to the handling of buffers. Specifically, the vulnerability involves ensuring that buffers are zeroed before being...
CLSA-2024-1735310784 Fix CVE(s): CVE-2024-11233
SECURITY UPDATE: Out-of-bounds read in quoted-printable decoder - debian/patches/CVE-2024-11233.patch: Fix buffer handling in convert.quoted-printable-decode filter to prevent one-byte out-of-bounds read - CVE-2024-11233...
CVE-2024-53219 virtiofs: use pages instead of pointer for kernel direct IO
In the Linux kernel, the following vulnerability has been resolved: virtiofs: use pages instead of pointer for kernel direct IO When trying to insert a 10MB kernel module kept in a virtio-fs with cache disabled, the following warning was reported: ------------ cut here ------------ WARNING: CPU: ...
Low: opensc
Issue Overview: It is caused by the libopensc library in opensc porject. This vulnerability affects how the buffer data is handled and partially filled buffers can be accessed incorrectly when a specially crafted response to APDUs in a USB device or a smart card. CVE-2024-45615 It is caused by th...
Low: opensc
Issue Overview: It is caused by the libopensc library in opensc porject. This vulnerability affects how the buffer data is handled and partially filled buffers can be accessed incorrectly when a specially crafted response to APDUs in a USB device or a smart card. CVE-2024-45615 It is caused by th...
Low: opensc
Issue Overview: It is caused by the libopensc library in opensc porject. This vulnerability affects how the buffer data is handled and partially filled buffers can be accessed incorrectly when a specially crafted response to APDUs in a USB device or a smart card. CVE-2024-45615 It is caused by th...
Amazon Linux 2023 : opensc (ALAS2023-2024-775)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-775 advisory. It is caused by the libopensc library in opensc porject. This vulnerability affects how the buffer data is handled and partially filled buffers can be accessed incorrectly when a specially...
USN-7131-1: Vim vulnerability
It was discovered that Vim incorrectly handled memory when closing a buffer, leading to use-after-free. If a user was tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service...
The vulnerabilities of the ctl_write_buffer() and ctl_read_buffer() functions in the ctl subsystem of the FreeBSD operating system allow a hacker to execute arbitrary code.
The vulnerability of the ctlwritebuffer and ctlreadbuffer functions in the ctl subsystem of the FreeBSD operating system is related to the use of uninitialized resources. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
CVE-2024-48984
CVE-2024-48984 affects MBed OS 6.16.0. The issue lies in HCI report parsing: the code dynamically determines the length of a reports list from an input byte and uses that to locate subsequent reports. It does not verify that these addresses stay within the target buffer passed to hciEvtProcessLeE...
CVE-2024-53059
Technical details (affected products, root cause, impact, fixes) for CVE-2024-53059 are not provided in the supplied connected documents. Monitor for updates from upstream advisories.
PT-2024-8773 · Intel +1 · Intel Vpl +1
Name of the Vulnerable Software and Affected Versions: Intel VPL versions prior to 24.1.4 Description: The issue is related to improper buffer restrictions in Intel VPL software, which may allow an authenticated user to potentially enable escalation of privilege via local access. This is due to t...
EulerOS 2.0 SP9 : vim (EulerOS-SA-2024-2823)
According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Vim is an open source command line text editor. Vim v9.1.0647 has double free in src/alloc.c:616. When closing a window, the corresponding tagstack...
The vulnerability of the Console component of the Oracle WebLogic Server application server, a software platform of Oracle Fusion Middleware, allows a perpetrator to cause a service failure.
The vulnerability of the Console component of the Oracle WebLogic Server application server software, part of the Oracle Fusion Middleware platform, relates to improper cleaning or release of resources due to copying of buffers without checking the size of the input data. Exploiting this...
SUSE-SU-2024:3443-1 Security update for opensc
This update for opensc fixes the following issues: - CVE-2024-45620: Incorrect handling of the length of buffers or files in pkcs15init. bsc1230076 - CVE-2024-45619: Incorrect handling length of buffers or files in libopensc. bsc1230075 - CVE-2024-45618: Uninitialized values after incorrect or...
AZL-48768 CVE-2024-45616 affecting package opensc 0.23.0-5
A vulnerability was found in OpenSC, OpenSC tools, PKCS11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. The following problems were caused by insufficient control of the response AP...