RHEL 8 : ruby (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - onigmo: out-of-bounds read in nextstateval in regparse.c CVE-2019-16162 - Onigmo through 6.2.0 has a NULL...

PT-2024-35504 · Kofax · Kofax Power Pdf

Name of the Vulnerable Software and Affected Versions: Kofax Power PDF affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a maliciou...

PT-2024-35506 · Kofax · Kofax Power Pdf

Name of the Vulnerable Software and Affected Versions: Kofax Power PDF affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this issue, where the target must...

PT-2024-36470 · Luxion · Luxion Keyshot Viewer

Name of the Vulnerable Software and Affected Versions: Luxion KeyShot Viewer affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot Viewer. User interaction is required to exploit this issue, where the...

PT-2024-35505 · Kofax · Kofax Power Pdf

Name of the Vulnerable Software and Affected Versions: Kofax Power PDF affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this issue, where the target must...

The vulnerability of the application software interface of the microprogramming system for programmable logic controllers AutomationDirect P3-550E allows a intruder to trigger a service failure.

The vulnerability of the application software interface for Microprogramming Systems, AutomationDirect P3-550E, is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the decode_deliver_report() function in the OFono mobile phone stack allows a hacker to execute arbitrary code.

The vulnerability of the decodedeliverreport function in the OFono mobile phone stack is related to the execution of an operation outside the buffer in memory when sending SMS messages in the PDU format. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

PT-2024-36468 · Luxion · Luxion Keyshot Viewer

Name of the Vulnerable Software and Affected Versions: Luxion KeyShot Viewer affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot Viewer. User interaction is required to exploit this issue, where the...

The vulnerability of the CurrDir component in the microprogramming software for programmable logic controllers AutomationDirect P3-550E allows a intruder to trigger a service failure.

The vulnerability of the CurrDir component in the AutomationDirect P3-550E programmable logic controllers is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause a service failure remotely...

zstd: mysql: buffer overrun in util.c

A vulnerability was found in zstd. This flaw allows an attacker to supply an empty string as an argument to the command line tool to cause a buffer overrun...

CVE-2024-36895 usb: gadget: uvc: use correct buffer size when parsing configfs lists

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: use correct buffer size when parsing configfs lists This commit fixes uvc gadget support on 32-bit platforms. Commit 0df28607c5cb "usb: gadget: uvc: Generalise helper functions for reuse" introduced a helper...

The vulnerability of the file conversion tools between different formats, such as PS/IGES Parasolid Translator, arises from the possibility of the operation exceeding the buffer boundaries in memory. This vulnerability allows an attacker to execute arbitrary code.

The vulnerability of the file conversion tools between different formats PS/IGES, Parasolid Translator is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

The vulnerability of the Windows Common Log File System Driver in the Windows operating system allows a hacker to gain increased privileges.

The vulnerability of the Windows Common Log File System Driver in the operating system is related to operations that go beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to gain increased privileges...

The vulnerability of Adobe After Effects’ video and dynamic image editing software arises from operations that go beyond buffer boundaries in memory. This allows attackers to gain unauthorized access to protected information and circumvent the ASLR protection mechanism.

The vulnerability of Adobe After Effects video and dynamic image editing software relates to the execution of operations beyond buffer boundaries in memory. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information and bypass security mechanisms like...

The vulnerability of the Windows Common Log File System (CLFS) driver in Windows operating systems allows a hacker to gain elevated privileges.

The vulnerability of the Windows Common Log File System CLFS driver in Windows operating systems is related to operations that go beyond the buffer in memory. Exploiting this vulnerability can allow a remote attacker to gain increased privileges...

dotnet: stack buffer overrun in Double Parse

A remote code execution vulnerability exists in .NET 7.0 and .NET 8.0. A stack buffer overrun occurs in the .NET Double Parse routine...

Important: Red Hat Security Advisory: .NET 8.0 security update

An update for .NET 8.0 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

dotnet: stack buffer overrun in Double Parse

A remote code execution vulnerability exists in .NET 7.0 and .NET 8.0. A stack buffer overrun occurs in the .NET Double Parse routine...

Important: Red Hat Security Advisory: .NET 7.0 security update

An update for .NET 7.0 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

RHEL 8 : .NET 7.0 (RHSA-2024:3340)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3340 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...