MediaTek Chipsets 安全漏洞

MediaTek Chipsets are a variety of chips from China's MediaTek Corporation MediaTek. A security vulnerability exists in MediaTek Chipsets, which stems from a lack of boundary checking in vdec, which could lead to out-of-bounds writes...

CVE-2024-35366

FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parseoptions function of sbgdec.c within the libavformat module. When parsing certain options, the software does not adequately validate the input. This allows for negative duration values to be accepted without proper bounds...

CVE-2024-35366

FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parseoptions function of sbgdec.c within the libavformat module. When parsing certain options, the software does not adequately validate the input. This allows for negative duration values to be accepted without proper bounds...

CVE-2024-35366

FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parseoptions function of sbgdec.c within the libavformat module. When parsing certain options, the software does not adequately validate the input. This allows for negative duration values to be accepted without proper bounds...

SUSE CVE-2024-36468

The reported vulnerability is a stack buffer overflow in the zbxsnmpcachehandleengineid function within the Zabbix server/proxy code. This issue occurs when copying data from session-securityEngineID to localrecord.engineid without proper bounds checking...

CVE-2024-53920

A flaw was found in Emacs. Viewing or editing an untrusted Emacs Lisp source code file can cause arbitrary code execution due to unsafe macro expansion when a user has configured elisp-completion-at-point for code completion or has enabled automatic error checking, such as Flymake or Flycheck...

CVE-2024-36468

The reported vulnerability is a stack buffer overflow in the zbxsnmpcachehandleengineid function within the Zabbix server/proxy code. This issue occurs when copying data from session-securityEngineID to localrecord.engineid without proper bounds checking...

CVE-2024-36468

The reported vulnerability is a stack buffer overflow in the zbxsnmpcachehandleengineid function within the Zabbix server/proxy code. This issue occurs when copying data from session-securityEngineID to localrecord.engineid without proper bounds checking...

CVE-2024-36468

CVE-2024-36468 describes a stack buffer overflow in the Zabbix server/proxy code, specifically in the function zbx_snmp_cache_handle_engineid . The issue arises when copying data from session->securityEngineID to local_record.engineid without proper bounds checking, enabling an out-of-bounds w...

CVE-2024-36468 Stack buffer overflow in zbx_snmp_cache_handle_engineid

The reported vulnerability is a stack buffer overflow in the zbxsnmpcachehandleengineid function within the Zabbix server/proxy code. This issue occurs when copying data from session-securityEngineID to localrecord.engineid without proper bounds checking...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. A denial of service vulnerability exists in Google Android, which stems from a lack of bounds checking in the ihevcdparseslicedata function in the ihevcdparseslice.c file, which can be exploited by an attacker to cause a...

CVE-2024-47248

Apache NimBLE

kernel: drm/radeon: fix UBSAN warning in kv_dpm.c

A vulnerability was found in the Linux kernel's DRM/Radeon driver, specifically in the sumovidmappingentry within the kvdpm.c file. Insufficient bounds checking can lead to memory corruption...

kernel: xfs: add bounds checking to xlog_recover_process_data

A vulnerability has been identified within the Linux kernel's xlogrecoverprocessdata function. Specifically, the function lacks proper bounds checking on the space allocated for the fixed members of the xlogopheader structure during log record processing. This omission can lead to an out-of-bound...

The vulnerability of the Intel Alias Checking Trusted Module (Intel ACTM), a microprogramming software component for Intel 4th Generation and 5th Generation processors, allows attackers to exploit it to increase their privileges.

The vulnerability of the Intel Alias Checking Trusted Module Intel ACTM, a microprogramming software component of Intel’s 4th and 5th generation processors, relates to the disclosure of information in the erroneous data area. Exploiting this vulnerability can allow attackers to enhance their...

The vulnerability of the Intel Alias Checking Trusted Module (Intel ACTM), a microprogramming software component for Intel’s 4th and 5th generation processors, allows attackers to exploit it to increase their privileges.

The vulnerability of the Intel Alias Checking Trusted Module Intel ACTM, a microprogramming software component of Intel’s 4th and 5th generation processors, is related to synchronization errors when using common resources. Exploiting this vulnerability can allow attackers to increase their...

LibJXL 安全漏洞

LibJXL is a reference implementation of PEG XL encoder and decoder in the LibJXL open source. A security vulnerability exists in LibJXL that stems from improper boundary checking by the JPEG decoder when handling JPEG recompression, which could lead to out-of-bounds writes in the event that...

CVE-2024-37044 QTS, QuTS hero

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute code. We have already fixed the vulnerability in the followin...

Out-of-bounds Access

libarchive.so is vulnerable to Out-of-bounds Access. The vulnerability is due to insufficient bounds checking in the executefilteraudio function within archivereadsupportformatrar.c, which allows the src pointer to move beyond the dst pointer when processing crafted archive files...

Unspecified vulnerability in Linux kernel (CNVD-2024-46453)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a lack of error checking for xastore. No details of the vulnerability are provided at this time...