CVE-2024-53061

CVE-2024-53061 affects the Linux kernel media: s5p-jpeg path, where the current logic allowed a word to be less than 2, risking buffer overflows. The fix adds extra checks to prevent small-word underflow and buffer overflows, as reported by the patch notes. Additionally, an unused assignment (wor...

CVE-2024-53061 media: s5p-jpeg: prevent buffer overflows

In the Linux kernel, the following vulnerability has been resolved: media: s5p-jpeg: prevent buffer overflows The current logic allows word to be less than 2. If this happens, there will be buffer overflows, as reported by smatch. Add extra checks to prevent it. While here, remove an unused word ...

CVE-2024-53061 media: s5p-jpeg: prevent buffer overflows

In the Linux kernel, the following vulnerability has been resolved: media: s5p-jpeg: prevent buffer overflows The current logic allows word to be less than 2. If this happens, there will be buffer overflows, as reported by smatch. Add extra checks to prevent it. While here, remove an unused word ...

CVE-2024-45971

Multiple Buffer overflows in the MMS Client in MZ Automation LibIEC61850 before commit 1f52be9ddeae00e69cd43e4cac3cb4f0c880c4f0 allow a malicious server to cause a stack-based buffer overflow via the MMS IdentifyResponse message...

CVE-2024-45970

Multiple Buffer overflows in the MMS Client in MZ Automation LibIEC61850 before commit ac925fae8e281ac6defcd630e9dd756264e9c5bc allow a malicious server to cause a stack-based buffer overflow via the MMS FileDirResponse message...

CVE-2024-45971

Multiple Buffer overflows in the MMS Client in MZ Automation LibIEC61850 before commit 1f52be9ddeae00e69cd43e4cac3cb4f0c880c4f0 allow a malicious server to cause a stack-based buffer overflow via the MMS IdentifyResponse message...

CVE-2024-45970

Multiple Buffer overflows in the MMS Client in MZ Automation LibIEC61850 before commit ac925fae8e281ac6defcd630e9dd756264e9c5bc allow a malicious server to cause a stack-based buffer overflow via the MMS FileDirResponse message...

CVE-2024-45970

Summary : CVE-2024-45970 describes multiple stack-based buffer overflows in the MMS Client of MZ Automation LibIEC61850, exploitable by a malicious server via the MMS FileDirResponse message. The underlying issue is in the MMS FileDirResponse handling, with a cited commit ac925fae8e281ac6defcd630...

CVE-2024-45971

Multiple Buffer overflows in the MMS Client in MZ Automation LibIEC61850 before commit 1f52be9ddeae00e69cd43e4cac3cb4f0c880c4f0 allow a malicious server to cause a stack-based buffer overflow via the MMS IdentifyResponse message...

CVE-2024-10397

A malicious server can crash the OpenAFS cache manager and other client utilities, and possibly execute arbitrary code...

K000148250: PostgreSQL vulnerabilities CVE-2016-0766, CVE-2015-3167, CVE-2015-0243, CVE-2015-0242, and CVE-2015-0241

Security Advisory Description CVE-2016-0766 PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 does not properly restrict access to unspecified custom configuration settings GUCS for PL/Java, which allows attackers to gain privileges via...

USN-7068-1 imagemagick vulnerabilities

It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into processing a specially crafted file, an attacker could exploit this to cause a denial of service or affect the reliability of the system. The...

USN-7068-1: ImageMagick vulnerabilities

It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into processing a specially crafted file, an attacker could exploit this to cause a denial of service or affect the reliability of the system. The...

Ubuntu: Security Advisory (USN-7068-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS / 16.04 LTS : ImageMagick vulnerabilities (USN-7068-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7068-1 advisory. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were...

The vulnerability of the Microsoft ActiveX object model in Windows operating systems allows a perpetrator to execute arbitrary code.

The vulnerability of the Microsoft ActiveX object model in Windows operating systems is related to buffer overflows in dynamic memory. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...

USN-7053-1: ImageMagick vulnerabilities

It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or potentially leak sensitive information. These...

CVE-2024-41590

Several CGI endpoints are vulnerable to buffer overflows, by authenticated users, because of missing bounds checking on parameters passed through POST requests to the strcpy function on DrayTek Vigor310 devices through 4.3.2.6...

Ubuntu 14.04 LTS : ImageMagick vulnerabilities (USN-7053-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7053-1 advisory. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into...

openSUSE Security Advisory (SUSE-SU-2024:3444-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...