CLSA-2022-1652706523 Fixed CVE-2022-24903 in rsyslog
CVE-2022-24903: fix potential buffer overrun when using octet-counted framing...
CLSA-2022-1652706426 Fixed CVE-2022-24903 in rsyslog
CVE-2022-24903: fix potential buffer overrun when using octet-counted framing...
kernel: DoS in sctp_addto_chunk in net/sctp/sm_make_chunk.c
A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUG_ON issue, leading to a denial of service (DoS)...
CVE-2022-24903 Buffer overflow in TCP syslog server (receiver) components in rsyslog
Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when octet-counted framing is used. This can result in a segfault or some other malfunction. As of our understanding, this vulnerability can not be used for remote code...
CVE-2022-25785 Buffer overrun
Stack-based Buffer Overflow vulnerability in SiteManager allows a logged-in or local user to cause arbitrary code execution. This issue affects: Secomea SiteManager all versions prior to 9.7...
SUSE-SU-2022:1512-1 Security update for ruby2.5
This update for ruby2.5 fixes the following issues: - CVE-2022-28739: Fixed a buffer overrun in String-to-Float conversion (bsc#1198441). - CVE-2021-41817: Fixed a regular expression denial of service in Date Parsing Methods (bsc#1193035). - CVE-2021-32066: Fixed a StartTLS stripping vulnerability in...
SUSE: Security Advisory (SUSE-SU-2022:1512-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
FreeBSD : eb -- Potential buffer overrun vulnerability (17a30a24-c579-11ec-bbbd-0800270512f4)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 17a30a24-c579-11ec-bbbd-0800270512f4 advisory. - Kazuhiro Ito reports: Potential buffer overrun vulnerability is found in eb/multiplex.c...
eb -- Potential buffer overrun vulnerability
Kazuhiro Ito reports: Potential buffer overrun vulnerability is found in eb/multiplex.c...
The vulnerability of Adobe Illustrator’s graphic editor arises from an operation that goes beyond buffer boundaries in memory, allowing attackers to gain unauthorized access to protected information.
The vulnerability of Adobe Illustrator’s graphic editor arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious individual to gain unauthorized access to protected information through a specially crafted PDF file...
The vulnerability in the implementation of the TIPC network protocol in the Linux operating system allows a hacker to cause a service failure or increase their privileges.
The vulnerability of the Linux operating system’s TIPC network protocol implementation (net/tipc/monitor.c) is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to cause service failures or increase their privileges through a...
The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2020 are related to an operation that allows data to be written beyond the buffer in memory. This allows attackers to gain unauthorized access to protected information.
The vulnerability of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, Adobe Acrobat 2020, and Adobe Acrobat Reader 2020 is related to the execution of operations beyond the buffer in memory...
Slackware: Security Advisory (SSA:2017-223-02)
The remote host is missing an update for the...
Slackware: Security Advisory (SSA:2022-103-01)
The remote host is missing an update for the...
Slackware: Security Advisory (SSA:2020-176-02)
The remote host is missing an update for the...
CVE-2022-28739
A buffer overrun vulnerability was found in Ruby. The issue occurs in a conversion algorithm from a String to a Float that causes process termination due to a segmentation fault, but under limited circumstances. This flaw may cause an illegal memory read...
The vulnerability of the imagegammacorrect function in the PHP programming language is a write beyond buffer boundaries in memory, which allows an attacker to cause a service failure or potentially cause other adverse effects.
The vulnerability of the imagegammacorrect function (ext/gd/gd.c) in the PHP programming language is related to writing beyond buffer boundaries in memory. Exploiting this vulnerability could allow a remote attacker to cause service interruptions or potentially cause other adverse effects...
The vulnerability of GUI temperature control software is a write beyond the buffer boundaries when processing configuration files in the *.gd1 format. This allows a hacker to execute arbitrary code.
The vulnerability of GUI temperature control software relates to the possibility of writing beyond the buffer boundaries when processing configuration files in the .gd1 format. Exploiting this vulnerability allows an attacker to execute arbitrary code...
CVE-2022-25788
A maliciously crafted JT file in Autodesk AutoCAD 2022 may be used to write beyond the allocated buffer while parsing JT files. This vulnerability can be exploited to execute arbitrary code...