4219 matches found
php: 1-byte array overrun in common path resolve code
A vulnerability was found in PHP. This security issue occurs because the core path resolution function allocates a buffer one byte too small. Resolving paths with lengths close to the system MAXPATHLEN setting may lead to the byte after the allocated buffer being overwritten with a NULL value, which...
The vulnerability of the setSmsCfg function in the /cgi-bin/cstecgi.cgi file of the Totolink LR1200GB router’s firmware allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the setSmsCfg function in the /cgi-bin/cstecgi.cgi file of the Totolink LR1200GB router’s firmware is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code or...
The vulnerability of the PrivatesHandler component in the X Window System X.Org Server allows a hacker to execute arbitrary code.
The vulnerability of the PrivatesHandler component in the X Window System X.Org Server implementation is related to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the JXPath object query processing library, related to writing beyond buffer boundaries, allows attackers to trigger a service failure.
The vulnerability of the JXPath object processing library is related to writing beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the kernel of iOS, macOS, and iPadOS allows a hacker to execute arbitrary code.
The vulnerability of the kernel of the iOS operating system, the macOS operating system, and the iPadOS operating system is related to writing beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the AIX operating system, related to the execution of operations beyond the buffer in memory, allows an attacker to execute arbitrary commands.
The vulnerability of the AIX operating system is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary commands using invscout...
The vulnerability of the derivate_spatial_luma_vector_prediction function in the h.265 Libde265 implementation allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the derivate_spatial_luma_vector_prediction function in the h.265 Libde265 codec implementation is related to the possibility of writing beyond buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, a...
OPENSUSE-SU-2024:0023-1 Security update for libuev
This update for libuev fixes the following issues: - Update to 2.4.1: Update README with list of modern Linux APIs used; Fix #27: possible buffer overrun in uev_run() (boo#1218749, CVE-2022-48620)...
Security update for libuev (moderate)
openSUSE Security Update: Security update for libuev Announcement ID: openSUSE-SU-2024:0023-1 Rating: moderate References: 1218749 Cross-References: CVE-2022-48620 Affected Products: openSUSE Backports SLE-15-SP5 An update that fixes one vulnerability is now available. Description: This update fo...
The vulnerability of the R7WebsSecurityHandler function in the wireless access point software of Tenda W9 allows a hacker to execute arbitrary code.
The vulnerability of the R7WebsSecurityHandler function in the wireless access point software of Tenda W9 relates to the ability to write data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the WLAvalancheService service in the Avalanche device management system allows a hacker to cause a service failure.
The vulnerability of the WLAvalancheService service in the mobile device management system of Avalanche is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to cause a service failure using specially created data...
The vulnerability of Citrix ADC application delivery controllers (formerly known as Citrix NetScaler Application Delivery Controller) and Citrix Gateway virtual environment access control systems (formerly known as Citrix NetScaler Gateway) relates to an operation that goes beyond the buffer in memory, allowing a malicious actor to cause service failures.
The vulnerability of the Citrix ADC application delivery controller (formerly Citrix NetScaler Application Delivery Controller) and the Citrix Gateway access control system (formerly Citrix NetScaler Gateway) relates to an operation that goes beyond the buffer in memory. Exploiting this vulnerability...
The vulnerability of the WLAvalancheService service in the Avalanche device management system allows a hacker to execute arbitrary code.
The vulnerability of the WLAvalancheService service in the mobile device management system of Avalanche is related to writing beyond the buffer boundaries. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
EulerOS 2.0 SP11 : zstd (EulerOS-SA-2023-3023)
According to the versions of the zstd package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - A vulnerability was found in zstd v1.4.10, where an attacker can supply an empty string as an argument to the command line tool to cause buffer overru...
EulerOS Virtualization 2.11.1 : zstd (EulerOS-SA-2023-3370)
According to the versions of the zstd package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - A vulnerability was found in zstd v1.4.10, where an attacker can supply an empty string as an argument to the command line tool to caus...
EulerOS 2.0 SP11 : zstd (EulerOS-SA-2023-3046)
According to the versions of the zstd package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - A vulnerability was found in zstd v1.4.10, where an attacker can supply an empty string as an argument to the command line tool to cause buffer overru...
EulerOS Virtualization 2.11.0 : zstd (EulerOS-SA-2023-3388)
According to the versions of the zstd package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - A vulnerability was found in zstd v1.4.10, where an attacker can supply an empty string as an argument to the command line tool to caus...
EulerOS Virtualization 2.9.1 : kernel (EulerOS-SA-2023-3085)
According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: A use-after-free flaw was found in vmxnet3_rq_alloc_rx_buf in drivers/net/vmxnet3/vmxnet3_drv.c in VMware's vmxnet3 ethernet NIC driver ...
The vulnerability of the J-Web interface on Juniper Networks Junos OS-based operating systems in SRX and EX devices allows a hacker to execute arbitrary code.
The vulnerability of the J-Web interface on Juniper Networks Junos OS operating systems on SRX and EX devices is related to the ability to write beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the 3D viewing tool JT and the Teamcenter Visualization lifecycle management system, related to operations occurring outside the buffer in memory, allows attackers to execute arbitrary code.
The vulnerability of the 3D viewing tool JT and the Teamcenter Visualization lifecycle management system lies in the execution of operations beyond the buffer in memory when processing CGM format files. Exploiting this vulnerability can allow attackers to execute arbitrary code...