openssl security update

An update is available for openssl. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transpo...

RLSA-2024:7848 Low: openssl security update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: SSLselectnextproto buffer overread CVE-2024-5535 For more details about the security issues,...

RockyLinux 8 : openssl (RLSA-2024:7848)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:7848 advisory. openssl: SSLselectnextproto buffer overread CVE-2024-5535 Tenable has extracted the preceding description block directly from the RockyLinux security advisory. No...

The vulnerability of the readOFF function in the libigl library for working with geometric objects in the C++ programming language allows a hacker to execute arbitrary code.

The vulnerability of the readOFF function in the libigl library, which is used for working with geometric objects in the C++ programming language, relates to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code using ...

The vulnerability of the readOFF function in the libigl library for working with geometric objects in the C++ programming language allows a hacker to execute arbitrary code.

The vulnerability of the readOFF function in the libigl library, which is used for working with geometric objects in the C++ programming language, relates to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code using ...

The vulnerability of the check_rstbl() function in the NTFS3 file system of Linux operating systems allows attackers to compromise the confidentiality and accessibility of protected information.

The vulnerability of the checkrstbl function in the fs/ntfs3/fslog.c file of the NTFS3 file system in the Linux operating system is related to reading memory beyond the allocated buffer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and accessibility of t...

The vulnerability of the usb_string_copy() function in the Linux operating system’s USB driver allows a hacker to induce a service failure.

The vulnerability of the usbstringcopy function in the drivers/usb/gadget/configfs.c file of the Linux kernel’s USB gadget driver relates to reading memory beyond the bounds of the allocated buffer. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the atomctrl_retrieve_ac_timing() function in the amdgpu driver of the Linux operating system allows a attacker to compromise the confidentiality and accessibility of the protected information.

The vulnerability of the atomctrlretrieveactiming function in the driver drivers/gpu/drm/amd/pm/powerplay/hwmgr/ppatomctrl.c of the amdgpu kernel in the Linux operating system is related to reading memory beyond the allocated buffer. Exploiting this vulnerability could allow an attacker to...

The vulnerability of the df_v1_7_get_hbm_channel_number() function in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the dfv17gethbmchannelnumber function in the Linux operating system is related to reading memory beyond the allocated buffer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of the Adobe Animate software for creating multimedia and computer animations lies in its ability to read data beyond the buffer in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the Adobe Animate program for creating multimedia and computer animations relates to reading data outside the buffer in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

PT-2024-39823 · Tungsten Automation · Tungsten Automation Power Pdf

Name of the Vulnerable Software and Affected Versions: Tungsten Automation Power PDF affected versions not specified Description: This issue allows remote attackers to disclose sensitive information on affected installations. User interaction is required, where the target must visit a malicious...

PT-2024-39822 · Tungsten Automation · Tungsten Automation Power Pdf

Name of the Vulnerable Software and Affected Versions: Tungsten Automation Power PDF affected versions not specified Description: This issue allows remote attackers to disclose sensitive information on affected installations of Tungsten Automation Power PDF. User interaction is required to exploi...

PT-2024-39825 · Tungsten Automation · Tungsten Automation Power Pdf

Name of the Vulnerable Software and Affected Versions: Tungsten Automation Power PDF affected versions not specified Description: This issue allows remote attackers to disclose sensitive information on affected installations. User interaction is required to exploit this, where the target must vis...

PT-2024-39783 · Trimble · Trimble Sketchup Viewer

Name of the Vulnerable Software and Affected Versions: Trimble SketchUp Viewer affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this, where the...

PT-2024-39829 · Irfan Skiljan · Irfanview

Name of the Vulnerable Software and Affected Versions: IrfanView affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this, where the target must visit a malicious...

CVE-2024-47965

Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can manipulate users to visit a malicious page or file to leverage this vulnerability to execute code in the context of the current process...

PT-2024-32915 · Delta Electronics · Cncsoft-G2

Name of the Vulnerable Software and Affected Versions: Delta Electronics CNCSoft-G2 affected versions not specified Description: The issue is related to a lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. This can be exploited by an...

Low: Red Hat Security Advisory: openssl security update

An update for openssl is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

Low: Red Hat Security Advisory: openssl security update

An update for openssl is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

openssl: SSL_select_next_proto buffer overread

A flaw was found in OpenSSL. Affected versions of this package are vulnerable to Information Exposure through the SSLselectnextproto function. This flaw allows an attacker to cause unexpected application behavior or a crash by exploiting the buffer overread condition when the function is called...