6556 matches found
RHEL 6 : spice-gtk (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - spice-gtk: Integer overflows causing buffer overflows in spice-client (CVE-2017-12194) - The spice-gtk widg...
RHEL 6 : sox (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - sox: buffer overflow read vulnerability (CVE-2021-3643) - sox: heap-based buffer overflow vulnerability...
RHEL 6 : libtiff (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libtiff: Heap-based buffer over-read in bmp2tiff (CVE-2017-9117) - Heap-based buffer overflow in the...
RIOT 2024.01 Buffer Overflows / Lack Of Size Checks / Out-Of-Bound Access
HNS-2024-07 - HN Security Advisory - https://security.humanativaspa.it/ Title: Multiple vulnerabilities in RIOT OS. OS: RIOT. Date: 2024-05-07. CVE ID and severity: CVE-2024-31225 - High, CVE-2024-32017 - Critical, CVE-2024-32018 - High (low-severity vulnerabilities were not assigned a CVE ID). Vendor...
ROS-20240503-01
A vulnerability in the Web Audio component of the Microsoft Edge and Google Chrome browsers is related to the use of memory after it has been freed. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code. A vulnerability in the Skia graphics library of Google Chro...
[SECURITY] [DLA 3805-1] qtbase-opensource-src security update
Debian LTS Advisory DLA-3805-1 https://www.debian.org/lts/security/ Thorsten Alteholz May 01, 2024 https://wiki.debian.org/LTS ...
ALSA-2024:2264 Important: edk2 security update
EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fixes: edk2: Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message (CVE-2023-45235); EDK2: heap buffer...
SUSE-SU-2024:1470-1 Security update for ffmpeg-4
This update for ffmpeg-4 fixes the following issues: - CVE-2024-31578: Fixed heap use-after-free via av_hwframe_ctx_init when vulkan_frames init failed (bsc#1223070) - CVE-2023-49502: Fixed heap buffer overflow via the ff_bwdif_filter_intra_c function in libavfilter/bwdifdsp.c (bsc#1223235) - CVE-2023-51793:...
[SECURITY] [DLA 3797-1] frr security update
Debian LTS Advisory DLA-3797-1 https://www.debian.org/lts/security/ Tobias Frost April 28, 2024 https://wiki.debian.org/LTS Package: frr Version: 7.5.1-1.1+deb10u2 CVE ID: CVE-2022-26125 CVE-2022-26126 CVE-2022-26127 CVE-2022-26128 CVE-2022-26129 CVE-2022-37035...
Mageia: Security Advisory (MGASA-2024-0145)
The remote host is missing an update for the...
Updated editorconfig-core-c packages fix security vulnerability
Pointer overflow in STRING_CAT and a few more stack buffer overflows...
CVE-2024-26915 drm/amdgpu: Reset IH OVERFLOW_CLEAR bit
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Reset IH OVERFLOW_CLEAR bit. Allows us to detect subsequent IH ring buffer overflows as well...
ROS-20240402-13
A vulnerability in the pic_parameter_set::dump function of the Libde265 H.265 video codec implementation is related to multiple buffer overflows via the num_tile_columns and num_tile_row parameters. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service...
CVE-2024-2212 Integer wraparounds, under-allocations, and heap buffer overflows in Eclipse ThreadX xQueueCreate() and xQueueCreateSet()
In Eclipse ThreadX before 6.4.0, the xQueueCreate() and xQueueCreateSet() functions from the FreeRTOS compatibility API (utility/rtos_compatibility_layers/FreeRTOS/tx_freertos.c) were missing parameter checks. This could lead to integer wraparound, under-allocations and heap buffer overflows...
CVE-2024-2212
Summary: CVE-2024-2212 affects Eclipse ThreadX prior to 6.4.0 due to missing parameter checks in the FreeRTOS compatibility API functions xQueueCreate() and xQueueCreateSet() (utility/rtos_compatibility_layers/FreeRTOS/tx_freertos.c). This can cause integer wraparound, under-allocations, and heap...
The vulnerability of the TDDP protocol used for debugging TP-LINK network devices stems from the possibility of buffer overflows, which allows attackers to cause service failures.
The vulnerability of the TDDP protocol used for debugging TP-LINK network devices is related to the possibility of buffer overflows. Exploiting this vulnerability could allow a malicious actor to cause service failures by sending specially crafted UDP packets...
SUSE-SU-2024:0882-1 Security update for hdf5
This update for hdf5 fixes the following issues: Updated to version 1.10.11. Changed the error handling for a not found path in the find plugin process. Fixed CVE-2018-11202, a malformed file could result in chunk index memory leaks. Fixed a file space allocation bug in the parallel library for...
BIT-TENSORFLOW-2021-29520 Heap buffer overflow in `Conv3DBackprop*`
TensorFlow is an end-to-end open source platform for machine learning. Missing validation between arguments to `tf.raw_ops.Conv3DBackprop*` operations can result in heap buffer overflows. This is because the...
BIT-PILLOW-2020-10379
In Pillow before 7.1.0, there are two Buffer Overflows in libImaging/TiffDecode.c...