CVE-2023-24287

A crafted save file can cause a buffer overrun in the Undead puzzle...

CVE-2023-24286

A crafted save file can cause a buffer overrun in the Mosaic puzzle...

CVE-2023-24291

A crafted save file can cause a buffer overrun in Simon Tatham's Portable Puzzle Collection...

CVE-2023-24288

A crafted save file can cause a buffer overrun in Simon Tatham's Portable Puzzle Collection...

CVE-2023-24284

A crafted save file can cause a buffer overrun in the Guess puzzle...

CVE-2023-24285

A crafted save file can cause a buffer overrun in the Netslide puzzle...

CVE-2023-24283

A crafted save file can cause a buffer overrun in the Guess puzzle...

SUSE-SU-2023:3964-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-2007: Fixed a flaw in the DPT I2O Controller driver that could allow an attacker to escalate privileges and execute arbitrary code in the context of...

The vulnerability of OPTEE, a microprogramming software component for MediaTek chips, allows attackers to enhance their privileges.

The vulnerability of OPTEE microprogramming software components in MediaTek’s chips relates to writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability of the Exim SMTP mail server allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Exim mail server’s SMTP service is related to the issue of operations going beyond the buffer in memory when implementing a DNSDB-style search mechanism. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected...

The vulnerability of the SMTP protocol implementation in a mail server allows a hacker to execute arbitrary code.

The vulnerability of the SMTP protocol implementation in email servers is related to the execution of operations beyond the buffer boundaries in memory when processing requests. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the formSetWanL2TP function in the microprogramming software for D-Link DIR-619L routers allows a hacker to induce a service failure.

The vulnerability of the formSetWanL2TP function in the microprogramming software for D-Link DIR-619L routers is related to the writing of data beyond the buffer in memory. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

The vulnerability of the SetAPLanSettings() function in the microprogramming software of the D-Link DAP-1325 wireless signal booster allows a hacker to execute arbitrary code.

The vulnerability of the SetAPLanSettings function in the microprogramming software of the D-Link DAP-1325 wireless signal booster is related to the execution of operations outside the buffer in memory when processing XML data. Exploiting this vulnerability allows a remote attacker to execute...

The vulnerability of the SetAPLanSettings function in the microprogramming software of the D-Link DAP-1325 wireless signal booster allows a intruder to execute arbitrary code.

The vulnerability of the SetAPLanSettings function in the microprogramming software of the D-Link DAP-1325 wireless signal booster is related to the execution of operations outside the buffer in memory when processing XML data. Exploiting this vulnerability allows a remote attacker to execute...

The vulnerability of the yyxz.data() function in D-Link DI-7200G V2.E1 microprogrammed router software allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the yyxz.data function in D-Link DI-7200G V2.E1 microprogrammed router software is related to the operation of writing data outside of the buffer in memory when processing the id parameter. Exploiting this vulnerability can allow an attacker to compromise the confidentiality,...

The vulnerability of the dir_setWanWifi function in D-Link DIR-816 A2 router software allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the dirsetWanWifi function in D-Link DIR-816 A2 router microprogramming software is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to compromise the confidentiality, integrity, and accessibility of the...

The vulnerability of the tgfile.asp component of the D-Link DI-7200G V2 router microprogramming system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the tgfile.asp component of the D-Link DI-7200G V2 router microprogramming system is related to the issue where operations are performed outside the buffer in memory when processing the fn parameter. Exploiting this vulnerability allows an attacker to compromise the...

Medium: ruby

Issue Overview: A buffer overrun vulnerability was found in Ruby. The issue occurs in a conversion algorithm from a String to a Float that causes process termination due to a segmentation fault, but under limited circumstances. This flaw may cause an illegal memory read. CVE-2022-28739 Affected...

Important: kernel

Issue Overview: A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nftablesapi.c. Mishandled error handling with NFTMSGNEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability. This flaw...

Amazon Linux AMI : kernel (ALAS-2023-1827)

The version of kernel installed on the remote host is prior to 4.14.322-170.535. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1827 advisory. A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nftablesapi.c...