CVE-2023-29451

CVE-2023-29451 describes a buffer overrun in the JSON parser that can crash Zabbix Server or Zabbix Proxy when processing a specially crafted string. The vulnerability affects the Zabbix components that parse JSON, leading to denial of service via crash. The provided connected documents confirm t...

CVE-2023-29451 Denial of service caused by a bug in the JSON parser

Specially crafted string can cause a buffer overrun in the JSON parser library leading to a crash of the Zabbix Server or a Zabbix Proxy...

CVE-2023-29451

Specially crafted string can cause a buffer overrun in the JSON parser library leading to a crash of the Zabbix Server or a Zabbix Proxy...

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2020 are related to writing beyond the buffer in memory, allowing an attacker to execute arbitrary code.

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, Adobe Acrobat 2020, and Adobe Acrobat Reader 2020 are related to writing beyond the buffer in memory. Exploiting these...

PT-2023-25919 · Kofax · Kofax Power Pdf

Name of the Vulnerable Software and Affected Versions: Kofax Power PDF affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a maliciou...

The vulnerability of the WanDynamicIpV6CfgRpm component (/userRpm/WanDynamicIpV6CfgRpm.htm) in the TP-Link TL-WR940N router software allows a attacker to cause a service failure.

The vulnerability of the WanDynamicIpV6CfgRpm component /userRpm/WanDynamicIpV6CfgRpm.htm of the TP-Link TL-WR940N router software is related to the issue where an operation outside the buffer is performed when processing the ipStart parameter. Exploiting this vulnerability allows a remote attack...

The vulnerability of the VirtualServerRpm component (/userRpm/VirtualServerRpm.htm) of TP-Link routers such as TL-WR940N, TL-WR841N, TL-WR941N, and TL-WR740N allows a hacker to cause service interruptions.

The vulnerability of the VirtualServerRpm component /userRpm/VirtualServerRpm.htm of TP-Link routers such as TL-WR940N, TL-WR841N, TL-WR941N, and TL-WR740N lies in the fact that the operation outside the buffer in memory occurs when processing the Changed key parameter. Exploiting this...

Amazon Linux 2 : opensc (ALAS-2023-2102)

The version of opensc installed on the remote host is prior to 0.19.0-5. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2102 advisory. A heap use after free issue was found in Opensc before version 0.22.0 in scfilevalid. CVE-2021-42779 A use after return...

Debian: Security Advisory (DLA-3474-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian dla-3474 : libnss-myhostname - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3474 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3474-1 [email protected] https://www.debian.org/lts/security/...

[SECURITY] [DLA 3474-1] systemd security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3474-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk June 29, 2023 https://wiki.debian.org/LTS -...

CBL Mariner 2.0 Security Update: opensc (CVE-2023-2977)

The version of opensc installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-2977 advisory. - A vulnerbility was found in OpenSC. This security flaw cause a buffer overrun vulnerability in pkcs15...

The vulnerabilities of microprogrammed logic controllers such as Modicon M580, Modicon M340, Modicon MC80, Modicon Momentum Ethernet, Modicon Quantum, Modicon Premium, and the programming software for these controllers—EcoStruxure Control Expert and EcoStruxure Process Expert—allow attackers to induce malfunctions in the equipment.

The vulnerability of microprogrammed logic controllers such as Modicon M580, Modicon M340, Modicon MC80, Modicon Momentum Ethernet, Modicon Quantum, Modicon Premium, and the programming software for these controllers—EcoStruxure Control Expert and EcoStruxure Process Expert—is related to the...

Medium: opensc

Issue Overview: A heap use after free issue was found in Opensc before version 0.22.0 in scfilevalid. CVE-2021-42779 A use after return issue was found in Opensc before version 0.22.0 in insertpin function that could potentially crash programs using the library. CVE-2021-42780 Heap buffer overflo...

The vulnerability of the dynamically linked CrossCadWare_x64.dl library, a toolset for design and simulation in Siemens Solid Edge, allows a hacker to disclose confidential information.

The vulnerability of the dynamically linked CrossCadWarex64.dl library, which is used for design and simulation projects by Siemens Solid Edge, relates to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows an attacker to disclose confidential informatio...

The vulnerability of the software environment of Siemens Tecnomatix Plant Simulation allows a perpetrator to execute arbitrary code.

The vulnerability of the software environment of Siemens Tecnomatix Plant Simulation lies in the writing beyond buffer boundaries. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created SPP file...

The vulnerability of the software environment of Siemens Tecnomatix Plant Simulation allows a perpetrator to execute arbitrary code.

The vulnerability of the software environment for simulation modeling of systems and processes in Siemens Tecnomatix Plant Simulation lies in the issue of writing beyond the buffer boundaries during the analysis of SPP files. Exploiting this vulnerability allows an attacker to execute arbitrary...

The vulnerability of the software environment of Siemens Tecnomatix Plant Simulation allows a perpetrator to execute arbitrary code.

The vulnerability of the software environment of Siemens Tecnomatix Plant Simulation lies in the writing beyond buffer boundaries. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created SPP file...

The vulnerability of the software environment of Siemens Tecnomatix Plant Simulation allows a perpetrator to execute arbitrary code.

The vulnerability of the software environment of Siemens Tecnomatix Plant Simulation lies in the writing beyond buffer boundaries. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created SPP file...

The vulnerability of the dynamically linked CrossCadWare_x64.dl library, a toolset for design and simulation in Siemens Solid Edge, allows a hacker to disclose confidential information.

The vulnerability of the dynamically linked CrossCadWarex64.dl library, which is used for design and simulation projects by Siemens Solid Edge, relates to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows an attacker to disclose confidential informatio...