The vulnerability of Siemens Solid Edge’s design and simulation tools relates to data writing beyond the buffer in memory, allowing an attacker to execute arbitrary code.

The vulnerability of Siemens Solid Edge’s design and simulation tools relates to the writing of data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code using specially created PAR files...

Ubuntu 22.04 LTS : Linux kernel (NVIDIA) vulnerabilities (USN-6466-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6466-1 advisory. Hyunwoo Kim discovered that the DVB Core driver in the Linux kernel contained a race condition during device removal, leading to a use-after- free...

Huawei EulerOS: Security Advisory for zstd (EulerOS-SA-2023-3023)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for zstd (EulerOS-SA-2023-3046)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the Cisco Fabric Services component for NX-OS and Cisco FXOS operating systems in Cisco devices allows a perpetrator to gain unauthorized access to protected information or cause service failures.

The vulnerability of the Cisco Fabric Services component for NX-OS and Cisco FXOS operating systems in Cisco devices is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information o...

CLSA-2023-1698306895 Fix of 7 CVEs

CVE-2023-0597 // CVE-url: https://ubuntu.com/security/CVE-2023-0597 - x86/kasan: Map shadow for percpu pages on demand - x86/mm: Recompute physical address for every page of per-CPU CEA mapping - x86/mm: Populate KASAN shadow for entire per-CPU range of CPU entry area - x86/mm: Do not shuffle CPU...

The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, and Adobe Acrobat 2020/Adobe Acrobat Reader 2020 involve a flaw related to writing data beyond the buffer in memory, allowing an attacker to execute arbitrary code.

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2020, and Adobe Acrobat Reader 2020 are related to writing data beyond the buffer in memory. Exploiting these vulnerabilities can allow attackers to...

CLSA-2023-1698248409 Fix of 6 CVEs

CVE-2023-42752 // CVE-url: https://ubuntu.com/security/CVE-2023-42752 - igmp: limit igmpv3newpack packet size to IPMAXMTU CVE-2023-4623 // CVE-url: https://ubuntu.com/security/CVE-2023-4623 - net/sched: schhfsc: Ensure inner classes have fsc curve CVE-2023-34319 // CVE-url:...

Ubuntu 16.04 ESM : Linux kernel (HWE) vulnerabilities (USN-6440-3)

The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6440-3 advisory. Seth Jenkins discovered that the Linux kernel did not properly perform address randomization for a per-cpu memory management structure. A local attacker...

Ubuntu 20.04 LTS : Linux kernel (Intel IoTG) vulnerabilities (USN-6445-2)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6445-2 advisory. It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker...

Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-6446-2)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6446-2 advisory. Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized...

The vulnerability of the Substance 3D Stager software lies in the possibility of an operation going beyond the buffer boundaries in memory, allowing a hacker to execute arbitrary code.

The vulnerability of the Substance 3D Stager software relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file...

The vulnerability of the Substance 3D Stager software lies in the possibility of an operation going beyond the buffer boundaries in memory, allowing a hacker to execute arbitrary code.

The vulnerability of the Substance 3D Stager software relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file...

PT-2023-9668 · Unknown · Pdf-Xchange Editor

Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a...

The vulnerability of the command-line interface (CLI) of Juniper Networks’ Junos OS and Junos OS Evolved operating systems allows a attacker to cause service interruptions.

The vulnerability of the command-line interface CLI of Juniper Networks’ Junos OS and Junos OS Evolved operating systems is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the Adobe Framemaker desktop publishing system, related to writing beyond the buffer boundaries in memory, allows a hacker to execute arbitrary code.

The vulnerability of the Adobe Framemaker desktop publishing system lies in the writing of data beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted file...

php: 1-byte array overrun in common path resolve code

A vulnerability was found in PHP. This security issue occurs because the core path resolution function allocates a buffer one byte small. Resolving paths with lengths close to the system MAXPATHLEN setting may lead to the byte after the allocated buffer being overwritten with a NULL value, which...

The vulnerability of the jingx.asp component in D-Link router microprogramming systems such as DI-7003GV2, DI-7100G, DI-7100GV2, DI-7200G, DI-7200GV2, DI-7300G, and DI-7400G allows a hacker to execute arbitrary code.

The vulnerability of the jingx.asp component of D-Link router microprogramming systems such as DI-7003GV2, DI-7100G, DI-7100GV2, DI-7200G, DI-7200GV2, DI-7300G, and DI-7400G lies in the fact that the operation is performed outside of the buffer in memory. Exploiting this vulnerability allows a...

AZL-34612 CVE-2023-38545 affecting package cmake for versions less than 3.21.4-10

This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 bytes. If the host na...

The vulnerability of the Suricata intrusion detection and prevention system arises from the operation going beyond the buffer boundaries in memory. This allows attackers to circumvent security restrictions and execute the TCP Reset attack.

The vulnerability of the Suricata intrusion detection and prevention system lies in the fact that the operation escapes the buffer in memory due to insufficient checking of the values of the FIN, SYN, and ACK parameters during packet processing. Exploiting this vulnerability allows a remote...