PT-2025-28848

Name of the Vulnerable Software and Affected Versions: Git versions 2.43.7 through 2.49.1 Description: The issue allows for the creation and truncation of any writable file when a user clones an untrusted repository and runs Gitk without additional command arguments, provided the "Support per-fil...

D-Link DAP-1513 Multiple Vulnerabilities (Nov 2022)

D-Link DAP-1513 devices are prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-53061)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-53061 advisory. - In the Linux kernel, the following vulnerability has been resolved: media: s5p-jpeg: prevent buffer overflow...

ABB Cylon Aspect 3.08.00 fileSystemUpdate.php File Upload / Denial Of Service Vulnerabilities

ABB Cylon Aspect version 3.08.00 suffers from a vulnerability in the fileSystemUpdate.php endpoint of the ABB BEMS controller due to improper handling of uploaded files. The endpoint lacks restrictions on file size and type, allowing attackers to upload excessively large or malicious files. This...

ABB Cylon Aspect 3.08.00 fileSystemUpdate.php File Upload / Denial Of Service

ABB Cylon Aspect 3.08.00 fileSystemUpdate.php Insecure File Upload Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.00 Summary: ASPECT is an award-winning scalable building energy management...

[SECURITY] [DLA 3978-1] editorconfig-core security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3978-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz November 30, 2024 https://wiki.debian.org/LTS -...

ABB Cylon Aspect 3.08.00 (fileSystemUpdate.php) Insecure File Upload

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description A vulnerability exists in the fileSystemUpdate.php endpoint of the AB...

CVE-2024-53849 Several stack buffer overflows and pointer overflows in editorconfig-core-c

editorconfig-core-c is theEditorConfig core library written in C for use by plugins supporting EditorConfig parsing. In affected versions several overflows may occur in switch case '' when the input pattern contains many escaped characters. The added backslashes leave too little space in the outp...

CVE-2024-53849 Several stack buffer overflows and pointer overflows in editorconfig-core-c

editorconfig-core-c is theEditorConfig core library written in C for use by plugins supporting EditorConfig parsing. In affected versions several overflows may occur in switch case '' when the input pattern contains many escaped characters. The added backslashes leave too little space in the outp...

CVE-2024-53849

The CVE-2024-53849 issue affects editorconfig-core-c (EditorConfig core library in C) where multiple escaped characters in input patterns can trigger stack/pointer overflows in the '[' handling during parsing. The root cause is that added backslashes reduce available space in nested-bracket outpu...

The vulnerability of the Native Client component of the Microsoft SQL Server database management system allows a hacker to execute arbitrary code.

The vulnerability of the Native Client component in the Microsoft SQL Server database management system is related to buffer overflows in dynamic memory. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

The vulnerability of the Native Client component of the Microsoft SQL Server database management system allows a hacker to execute arbitrary code.

The vulnerability of the Native Client component in the Microsoft SQL Server database management system is related to buffer overflows in dynamic memory. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

The vulnerability of the Native Client component of the Microsoft SQL Server database management system allows a hacker to execute arbitrary code.

The vulnerability of the Native Client component in the Microsoft SQL Server database management system is related to buffer overflows in dynamic memory. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

The vulnerability of the Native Client component of the Microsoft SQL Server database management system allows a hacker to execute arbitrary code.

The vulnerability of the Native Client component in the Microsoft SQL Server database management system is related to buffer overflows in dynamic memory. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

The vulnerability of the Native Client component of the Microsoft SQL Server database management system allows a hacker to execute arbitrary code.

The vulnerability of the Native Client component in the Microsoft SQL Server database management system is related to buffer overflows in dynamic memory. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

The vulnerability of the Native Client component of the Microsoft SQL Server database management system allows a hacker to execute arbitrary code.

The vulnerability of the Native Client component in the Microsoft SQL Server database management system is related to buffer overflows in dynamic memory. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

The vulnerability of the Native Client component of the Microsoft SQL Server database management system allows a hacker to execute arbitrary code.

The vulnerability of the Native Client component in the Microsoft SQL Server database management system is related to buffer overflows in dynamic memory. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

The vulnerability of the Native Client component of the Microsoft SQL Server database management system allows a hacker to execute arbitrary code.

The vulnerability of the Native Client component in the Microsoft SQL Server database management system is related to buffer overflows in dynamic memory. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

CVE-2024-53061

In the Linux kernel, the following vulnerability has been resolved: media: s5p-jpeg: prevent buffer overflows The current logic allows word to be less than 2. If this happens, there will be buffer overflows, as reported by smatch. Add extra checks to prevent it. While here, remove an unused word ...

CVE-2024-53061

In the Linux kernel, the following vulnerability has been resolved: media: s5p-jpeg: prevent buffer overflows The current logic allows word to be less than 2. If this happens, there will be buffer overflows, as reported by smatch. Add extra checks to prevent it. While here, remove an unused word ...