RHEL 8 : tigervnc (RHSA-2024:2039)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2039 advisory. Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine...

RHEL 8 : tigervnc (RHSA-2024:2042)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2042 advisory. Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine...

The vulnerability of the fromNatlimit function in Tenda W30E microprogrammable router software allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the fromNatlimit function in the Tenda W30E router’s microprogramming system is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to compromise the confidentiality, integrity, and accessibility of the...

The vulnerability of Parasolid’s 3D geometric modeling tool, related to reading data beyond the buffer in memory, allows a hacker to execute arbitrary code.

The vulnerability of Parasolid’s 3D geometric modeling tool lies in the reading of data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code using specially created XT files...

DEBIAN-CVE-2023-50010

FFmpeg v.n6.1-3-g466799d4f5 allows a buffer over-read at ffgradfunblurlinemovdqasse2, as demonstrated by a call to the setencoderid function in /fftools/ffmpegenc.c component...

The vulnerability of the Microsoft DWM Core Library on Windows operating systems allows attackers to gain unauthorized access to protected information.

The vulnerability of the Microsoft DWM Core Library on Windows operating systems relates to the execution of operations beyond the buffer in memory. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

[SECURITY] [DLA 3787-1] xorg-server security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3787-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk April 15, 2024 https://wiki.debian.org/LTS -...

Mageia: Security Advisory (MGASA-2024-0121)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated x11-server, x11-server-xwayland & tigervnc packages fix security vulnerabilities

Heap buffer overread/data leakage in ProcXIGetSelectedEvents. CVE-2024-31080 Heap buffer overread/data leakage in ProcXIPassiveGrabDevice. CVE-2024-31081 User-after-free in ProcRenderAddGlyphs. CVE-2024-31083...

Important: Red Hat Security Advisory: X.Org server security update

An update for xorg-x11-server is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...

squid: Buffer over-read in the HTTP Message processing feature

A buffer over-read flaw was found in Squid's HTTP Message processing feature. This issue may allow attackers to perform remote denial of service...

RHEL 7 : X.Org server (RHSA-2024:1785)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1785 advisory. X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical use...

The vulnerability of the software environment of Siemens Tecnomatix Plant Simulation, related to reading data beyond the buffer in memory, allows a perpetrator to execute arbitrary code.

The vulnerability of the software environment of Siemens Tecnomatix Plant Simulation relates to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code using specially created SPP files...

The vulnerability of Google Chrome’s Swiftshader library allows a hacker to gain unauthorized access to protected information.

The vulnerability of Google Chrome’s Swiftshader library relates to reading data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially created HTML page...

SUSE CVE-2024-31080

A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a...

SUSE CVE-2024-31081

A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIPassiveGrabDevice function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a...

AZL-44637 CVE-2024-31081 affecting package xorg-x11-server 1.20.10-6

A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIPassiveGrabDevice function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a...

CVE-2024-31081 Xorg-x11-server: heap buffer overread/data leakage in procxipassivegrabdevice

A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIPassiveGrabDevice function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a...

Slackware: Security Advisory (SSA:2024-094-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the formSetClientState function (/goform/SetClientState) in the Tenda AC10U router software allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the formSetClientState function /goform/SetClientState in the Tenda AC10U router’s microprogramming software lies in the reading of data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity,...