CVE-2024-5302

Kofax Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a...

PT-2024-6414 · Pdf Xchange · Pdf-Xchange Editor

Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this issue, where the target...

PT-2024-4363 · Nvidia +1 · Nvidia Vgpu +1

Name of the Vulnerable Software and Affected Versions: NVIDIA vGPU software for Linux affected versions not specified Description: The issue is related to a buffer overrun vulnerability in the Virtual GPU Manager of the NVIDIA vGPU software for Linux. This vulnerability can be exploited by the...

kernel: xhci: handle isoc Babble and Buffer Overrun events properly

A flaw was found in the Linux kernel related to the Extensible Host Controller Interface xHCI subsystem, specifically how it handles certain events. The issue arises when the xHCI driver improperly handles isochronous isoc Babble and Buffer Overrun events. The vulnerability occurs because the xHC...

kernel: xhci: handle isoc Babble and Buffer Overrun events properly

A flaw was found in the Linux kernel related to the Extensible Host Controller Interface xHCI subsystem, specifically how it handles certain events. The issue arises when the xHCI driver improperly handles isochronous isoc Babble and Buffer Overrun events. The vulnerability occurs because the xHC...

The vulnerability of WebRTC implementations in Google Chrome and Microsoft Edge browsers allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of WebRTC implementations in Google Chrome and Microsoft Edge stems from the execution of operations beyond the buffer in memory. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information by...

RHEL 8 : kernel update (Moderate) (RHSA-2024:3618)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3618 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Marvin vulnerability...

The vulnerability of the HMI interface configuration software Monitouch V-SFT lies in the possibility of operations going beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the HMI interface configuration software Monitouch V-SFT lies in the escape of operations beyond the buffer in memory due to the mixing of data types. Exploiting this vulnerability allows an attacker to execute arbitrary code by loading a malicious V9C format file...

The vulnerability of the Microprogramming Software of the Alpha5 Smart Service System, related to the execution of operations outside the buffer in memory, allows a hacker to execute arbitrary code.

The vulnerability of the Microprogrammed Software of the Alpha5 Smart service system relates to the execution of operations beyond the buffer in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code by loading specially created malicious C5V files...

CVE-2024-36895

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: use correct buffer size when parsing configfs lists This commit fixes uvc gadget support on 32-bit platforms. Commit 0df28607c5cb "usb: gadget: uvc: Generalise helper functions for reuse" introduced a helper...

RHEL 4 : perl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - perl: File::Temp insecure temporary file handling CVE-2011-4116 - perl: heap buffer overrun flaw may lead...

RHEL 5 : zsh (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - zsh: buffer overrun in symlinks CVE-2017-18206 - zsh before 5.0.7 allows evaluation of the initial values...

RHEL 9 : zstd (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - zstd: mysql: buffer overrun in util.c CVE-2022-4899 Note that Nessus has not tested for this issue but has instead...

RHEL 8 : ruby (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - onigmo: out-of-bounds read in nextstateval in regparse.c CVE-2019-16162 - Onigmo through 6.2.0 has a NULL...

The vulnerability of the application software interface of the microprogramming system for programmable logic controllers AutomationDirect P3-550E allows a intruder to trigger a service failure.

The vulnerability of the application software interface for Microprogramming Systems, AutomationDirect P3-550E, is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause a service failure...

PT-2024-35506 · Kofax · Kofax Power Pdf

Name of the Vulnerable Software and Affected Versions: Kofax Power PDF affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this issue, where the target must...

PT-2024-35504 · Kofax · Kofax Power Pdf

Name of the Vulnerable Software and Affected Versions: Kofax Power PDF affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a maliciou...

The vulnerability of the decode_deliver_report() function in the OFono mobile phone stack allows a hacker to execute arbitrary code.

The vulnerability of the decodedeliverreport function in the OFono mobile phone stack is related to the execution of an operation outside the buffer in memory when sending SMS messages in the PDU format. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the CurrDir component in the microprogramming software for programmable logic controllers AutomationDirect P3-550E allows a intruder to trigger a service failure.

The vulnerability of the CurrDir component in the AutomationDirect P3-550E programmable logic controllers is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause a service failure remotely...

PT-2024-36470 · Luxion · Luxion Keyshot Viewer

Name of the Vulnerable Software and Affected Versions: Luxion KeyShot Viewer affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot Viewer. User interaction is required to exploit this issue, where the...