CVE-2024-30045

.NET and Visual Studio Remote Code Execution Vulnerability...

RHEL 9 : .NET 8.0 (RHSA-2024:2842)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2842 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...

ALSA-2024:2842 Important: .NET 8.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.105 and .NET Runtime 8.0.5...

RHEL 5 : zsh (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - zsh: buffer overrun in symlinks CVE-2017-18206 - In builtin.c in zsh before 5.4, when sh compatibility mo...

RHEL 7 : systemd (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - systemd: Mishandled symlinks in systemd-tmpfiles allows local users to obtain ownership of arbitrary file...

CVE-2024-28759

Wind River VxWorks 7.x up to 23.09 is affected by a vulnerability where a crafted network packet can cause a buffer overrun. Affected component is the VxWorks networking input handling; root cause is a buffer overflow triggered by network packets. Practical impact is a potential crash or instabil...

CVE-2024-28759

A crafted network packet may cause a buffer overrun in Wind River VxWorks 7 through 23.09...

CVE-2024-28759

A crafted network packet may cause a buffer overrun in Wind River VxWorks 7 through 23.09...

PT-2024-22565 · Wind River · Vxworks

Name of the Vulnerable Software and Affected Versions: Wind River VxWorks versions 7 through 23.09 Description: A crafted network packet may cause a buffer overrun. Recommendations: For versions 7 through 23.09, update to a version that contains a fix for this issue...

The vulnerability of the SKP File Parser component in the 3D design and architectural drafting software SketchUp Viewer allows a hacker to execute arbitrary code.

The vulnerability of the SKP File Parser component in the 3D design and architectural drafting software SketchUp Viewer relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code...

The vulnerability of the distributed file system (DFS) in the Windows operating system, which allows a hacker to expose protected information

The vulnerability of the distributed file system DFS in the Windows operating system is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow a remote attacker to disclose sensitive information that is protected by the system...

CVE-2023-38087

Kofax Power PDF clearTimeOut Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a...

CVE-2023-34307

Ashlar-Vellum Graphite VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Graphite. User interaction is required to exploit this vulnerability in that the target...

CVE-2023-34293

Ashlar-Vellum Cobalt Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a maliciou...

CVE-2023-32160

PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must vis...

CVE-2023-32154

Mikrotik RouterOS RADVD Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Mikrotik RouterOS. Authentication is not required to exploit this vulnerability. The specific flaw exists...

Sante DICOM Viewer Pro 安全漏洞

Santesoft Sante DICOM Viewer Pro is a powerful viewer, anonymizer, converter and PACS client from Santesoft Cyprus. Works with DICOM files of all models and manufacturers. A security vulnerability exists in Sante DICOM Viewer Pro, which stems from a carefully crafted J2K image that can be written...

The vulnerability of the fromAddressNat() function (/goform/addressNat) in the Tenda FH1206 router microprogramming software allows a perpetrator to execute arbitrary code or cause service failures.

The vulnerability of the fromAddressNat function /goform/addressNat in the Tenda FH1206 router microprogramming system is related to the operation that goes beyond the buffer boundaries in memory when processing the parameter entrys. Exploiting this vulnerability could allow a remote attacker to...

The vulnerability of the JavaScript script handler interface in Google Chrome and Microsoft Edge browsers allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the JavaScript script handler interface in Google Chrome and Microsoft Edge browsers is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information by openin...

The vulnerability of the Layer-2 Control Protocol Daemon (l2cpd) protocol of LLDP allows a attacker to cause a service failure in Juniper Networks’ Junos OS and Junos OS Evolved operating systems.

The vulnerability of the Layer-2 Control Protocol Daemon l2cpd protocol of the LLDP protocol in Juniper Networks’ Junos OS and Junos OS Evolved operating systems is related to the issue of operations going beyond the buffer in memory when processing LLDP packets. Exploiting this vulnerability can...