4213 matches found
The vulnerabilities in PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2020, and Adobe Acrobat Reader 2020 stem from operations performed outside the bounds of a memory buffer. This allows attackers to gain unauthorized access to protected information.
The vulnerability in PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2020, and Adobe Acrobat Reader 2020 stems from operations performed outside the bounds of a memory buffer when processing embedded fonts. Exploiting thi...
The vulnerabilities in PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2020, and Adobe Acrobat Reader 2020 stem from operations performed outside the bounds of a memory buffer. This allows attackers to gain unauthorized access to protected information.
The vulnerabilities in PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2020, and Adobe Acrobat Reader 2020 stem from operations performed outside the bounds of a memory buffer when processing embedded fonts. Exploiting...
The vulnerability in the UpdateRegExpStatics function of Mozilla Firefox, Firefox ESR, and the email client Thunderbird allows a hacker to execute arbitrary code.
The vulnerability in the UpdateRegExpStatics function of Mozilla Firefox, Firefox ESR, and the email client Thunderbird stems from operations performed outside the bounds of a memory buffer. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
apr: integer overflow/wraparound in apr_encode
A flaw was found in Apache Portable Runtime (APR). This issue may allow a malicious attacker to write beyond the bounds of a buffer...
apr: integer overflow/wraparound in apr_encode
A flaw was found in Apache Portable Runtime (APR). This issue may allow a malicious attacker to write beyond the bounds of a buffer...
The vulnerability in the `libfreerdp/codec/rfx.c` component of the RDP client FreeRDP, caused by operations performed outside the bounds of a memory buffer, allows a hacker to cause a denial of service.
The vulnerability in the `libfreerdp/codec/rfx.c` component of the RDP client FreeRDP stems from operations performed outside the bounds of a memory buffer when processing parameters tile-quantIdxY, tile-quantIdxCb, and tile-quantIdxCr. Exploiting this vulnerability can...
Vulnerability of the nsc_rle_decompress_data() function in the RDP client FreeRDP, allowing a hacker to cause a denial of service
The vulnerability in the nsc_rle_decompress_data() function of the RDP client FreeRDP stems from operations performed outside the bounds of a memory buffer when processing the context-Planes parameter. Exploiting this vulnerability can allow a malicious actor to cause a denial of service remotel...
Vulnerability of the progressive_decompress() function in the RDP client FreeRDP, allowing a hacker to cause a denial of service
The vulnerability in the progressive_decompress() function of the RDP client FreeRDP stems from operations performed outside the bounds of a memory buffer when processing nXSrc and nYSrc. Exploiting this vulnerability can allow a malicious actor to cause a denial of service remotely...
OESA-2023-1584 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connectio...
The vulnerability in the CodeMeter license control application, caused by operations performed outside the bounds of a memory buffer, allows an attacker to execute arbitrary code.
The vulnerability in the CodeMeter license control application stems from operations performed outside the bounds of a memory buffer. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
SUSE CVE-2023-34319
The fix for XSA-423 added logic to Linux's netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece. Unfortunately the logic introduced there didn't account for the extreme case of the entire packet being split into as many piece...
The vulnerability in the JavaScript handler of Google Chrome’s V8 engine allows attackers to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability in Google Chrome’s V8 JavaScript engine stems from operations performed outside the bounds of a memory buffer. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and availability of protected information...
Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 5.15.126 and fixes or adds mitigations for at least the following security issues: Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to...
Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.15.126 and fixes or adds mitigations for at least the following security issues: Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated...
MGASA-2023-0251 Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.15.126 and fixes or adds mitigations for at least the following security issues: Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated...
SUSE-SU-2023:3390-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-40982: Fixed transient execution attack called 'Gather Data Sampling' bsc1206418. - CVE-2023-0459: Fixed information leak in uaccessbeginnospec...
CVE-2023-4041 Second Stage Gecko Bootloader GBL Parser Buffer Overrun Vulnerability
Buffer Copy without Checking Size of Input 'Classic Buffer Overflow', Out-of-bounds Write, Download of Code Without Integrity Check vulnerability in Silicon Labs Gecko Bootloader on ARM Firmware Update File Parser modules allows Code Injection, Authentication Bypass. This issue affects "Standalone...
Amazon Linux AMI : kernel (ALAS-2023-1803)
The version of kernel installed on the remote host is prior to 4.14.322-170.535. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1803 advisory. A buffer overrun vulnerability was found in the netback driver in Xen due to an unusual split packet. This flaw...
Amazon Linux 2 : kernel (ALAS-2023-2206)
The version of kernel installed on the remote host is prior to 4.14.322-244.536. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2206 advisory. A buffer overrun vulnerability was found in the netback driver in Xen due to an unusual split packet. This flaw...
[SECURITY] [DLA 3538-1] zabbix security update
Debian LTS Advisory DLA-3538-1. https://www.debian.org/lts/security/ Tobias Frost, August 22, 2023. https://wiki.debian.org/LTS Package: zabbix. Version: 1:4.0.4+dfsg-1+deb10u2. CVE ID: CVE-2013-7484 CVE-2019-17382 CVE-2022-35229 CVE-2022-43515 CVE-2023-29450...