PT-2023-21866 · Snappier · Snappier
Name of the Vulnerable Software and Affected Versions: Snappier version 1.1.0 Description: This is a buffer overrun vulnerability that can affect any user of Snappier 1.1.0. The issue arises from the use of byte references rather than pointers to pinned buffers, which can lead to invalid buffer...
The vulnerability of Adobe Dimension’s 3D design software lies in the possibility of an operation going beyond the buffer boundaries in memory, allowing a hacker to execute arbitrary code.
The vulnerability of Adobe Dimension’s 3D design software relates to the execution of operations beyond the buffer boundaries in memory when processing USD files. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created malicious file...
The vulnerability of Adobe Dimension’s 3D design software lies in the possibility of an operation going beyond the buffer boundaries in memory, allowing a hacker to execute arbitrary code.
The vulnerability of Adobe Dimension’s 3D design software relates to the execution of operations beyond the buffer boundaries in memory when processing USD files. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created malware file or a specially craft...
SUSE CVE-2022-4899
A vulnerability was found in zstd v1.4.10, where an attacker can supply an empty string as an argument to the command line tool to cause a buffer overrun...
Important: openssl
Issue Overview: A flaw was found in OpenSSL. A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification, and requires either a CA to have signed the malicious certificate...
Low: tpm2-tss
Issue Overview: tpm2-tss is an open source software implementation of the Trusted Computing Group (TCG) Trusted Platform Module (TPM) 2 Software Stack (TSS2). In affected versions Tss2_RC_SetHandler and Tss2_RC_Decode both index into layer_handler with an 8 bit layer number, but the array only has...
Security Bulletin: Multiple vulnerabilities in OpenSSL affect AIX
Summary: Vulnerabilities in OpenSSL could allow a remote attacker to cause a denial of service (CVE-2022-3996, CVE-2023-0401, CVE-2022-4203, CVE-2023-0216, CVE-2023-0215, CVE-2023-0217, CVE-2023-0286, CVE-2022-4450) or obtain sensitive information (CVE-2022-4304). OpenSSL is used by AIX as part of AIX's...
Amazon Linux 2023 : tpm2-tss, tpm2-tss-devel (ALAS2023-2023-110)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-110 advisory. tpm2-tss is an open source software implementation of the Trusted Computing Group (TCG) Trusted Platform Module (TPM) 2 Software Stack (TSS2). In affected versions Tss2_RC_SetHandler and Tss2_RC_Decode both index...
CLSA-2023-1679349729 Fix CVE(s): CVE-2023-26604, CVE-2022-3821
SECURITY UPDATE: buffer overrun vulnerability in format_timespan - debian/patches/CVE-2022-3821.patch: fix buffer-over-run - CVE-2022-3821 SECURITY UPDATE: a local privilege escalation for some sudo configs was not blocked adequately - debian/patches/CVE-2023-26604.patch: use only less as a pager...
CVE-2022-4899
A vulnerability was found in zstd v1.4.10, where an attacker can supply an empty string as an argument to the command line tool to cause a buffer overrun...
virt:kvm_utils2 security update
qemu-kvm 6.1.1-5-el8 - hw/pvrdma: Protect against buggy or malicious guest driver Yuval Shaia Orabug: 35064352 CVE-2022-1050 - hw/display/qxl: Assert memory slot fits in preallocated MemoryRegion Philippe Mathieu-Daude Orabug: 35060182 - hw/display/qxl: Avoid buffer overrun in qxl_phys2virt...
The vulnerability of the Kostac PLC Programming Software (formerly Koyo PLC Programming Software) relates to the execution of operations beyond the buffer boundaries in memory. This allows an intruder to gain unauthorized access to protected information or execute arbitrary code.
The vulnerability of the Kostac PLC Programming Software (formerly Koyo PLC Programming Software) relates to the execution of an operation beyond the buffer boundaries in memory when processing a comment block within the project file information. Exploiting this vulnerability can allow an intruder ...
The vulnerability in the implementation of the PAPI network protocol for ArubaOS operating systems allows a hacker to execute arbitrary code.
The vulnerability of the PAPI network protocol implementation in ArubaOS operating systems lies in the fact that operations are performed outside of the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending specially crafted packets...
PT-2025-49648
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw in the ALSA subsystem, specifically within the ca0132 driver. The tuning_ctl_set function may experience a buffer overrun when the loop does not break du...
The vulnerability of the Tbase database server of the B&R APROL industrial system monitoring software allows an intruder to execute arbitrary code.
The vulnerability of the Tbase database server of the B&R APROL software solution for monitoring the status of industrial systems is related to the possibility of writing data beyond the buffer in memory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remote...
The vulnerability of Adobe Premiere Rush software arises from an operation that goes beyond buffer boundaries in memory, allowing attackers to execute arbitrary code.
The vulnerability of Adobe Premiere Rush arises from an operation that goes beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code in the context of the current user...
PT-2023-7988 · Zabbix +2 · Zabbix +2
Name of the Vulnerable Software and Affected Versions: Zabbix affected versions not specified Description: A specially crafted string can cause a buffer overrun in the JSON parser library, leading to a crash of the Zabbix Server or a Zabbix Proxy. This issue can be exploited by a remote attacker ...
Debian: Security Advisory (DSA-2125-1)
The remote host is missing an update for the Debian...
Debian: Security Advisory (DLA-643-1)
The remote host is missing an update for the Debian...
USN-5928-1: systemd vulnerabilities
It was discovered that systemd did not properly validate the time and accuracy values provided to the format_timespan function. An attacker could possibly use this issue to cause a buffer overrun, leading to a denial of service attack. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM,...