CVE-2024-6918

CVE-2024-6918 is a CWE-120 buffer overflow affecting Schneider Electric Accutech Manager. Connected docs indicate it can cause a crash of the Accutech Manager when handling a specially crafted request over port 2536/TCP, potentially affecting versions up to 2.8.0.0 (and earlier per some sources)....

SUSE SLES15: libjavascriptcoregtk-4_0-18 / libwebkit2gtk-4_0-37 / etc (SUSE-SU-2024:2949-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2949-1 advisory. - CVE-2024-40776: Fixed a use-after-free issue with improved memory management bsc1228613. - CVE-2024-40779: Fixed a out-of-bounds...

The vulnerability of the Packet Forwarding Engine (PFE) module in Juniper Networks’ Junos OS Evolved operating system allows a hacker to trigger a service failure.

The vulnerability of the Packet Forwarding Engine PFE module in Juniper Networks’ Junos OS Evolved operating system is related to insufficient checking of exceptional states. Exploiting this vulnerability can allow a malicious actor to trigger service failures remotely...

SUSE SLED15: WebKitGTK-4.0-lang / WebKitGTK-4.1-lang / WebKitGTK-6.0-lang / etc (SUSE-SU-2024:2905-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2905-1 advisory. - CVE-2024-40776: Fixed a use-after-free issue with improved memory management bsc1228613. - CVE-2024-40779:...

SUSE-SU-2024:2905-1 Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: - CVE-2024-40776: Fixed a use-after-free issue with improved memory management bsc1228613. - CVE-2024-40779: Fixed a out-of-bounds read with improved bounds checking bsc1228693. - CVE-2024-40780: Fixed another out-of-bounds read with improve...

The vulnerability of the software for detecting vulnerabilities and errors in PT Application Inspector, due to improper checking of query parameters, allows a perpetrator to execute arbitrary code.

The vulnerability of the PT Application Inspector’s software for detecting vulnerabilities and errors is related to improper checking of query parameters. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the software for detecting vulnerabilities and errors in PT Application Inspector, due to improper checking of query parameters, allows a perpetrator to execute arbitrary code.

The vulnerability of the PT Application Inspector’s software for detecting vulnerabilities and errors is related to improper checking of query parameters. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the IP address checking function in FortiOS operating systems and FortiProxy proxy servers allows attackers to circumvent existing security restrictions.

The vulnerability of the IP address checking function in FortiOS operating systems and FortiProxy proxy servers for protecting against Internet attacks is related to the improper handling of numerical parameters based on different criteria. Exploiting this vulnerability allows a malicious actor t...

MediaTek 芯片 安全漏洞

MediaTek chips are a variety of chips from MediaTek, a Chinese company MediaTek. A security vulnerability exists in the MediaTek chips that stems from a lack of boundary checking and possible memory corruption that could lead to remote code execution...

CVE-2022-23815

Improper bounds checking in APCB firmware may allow an attacker to perform an out of bounds write, corrupting the APCB entry, potentially leading to arbitrary code execution...

CVE-2022-23817

Insufficient checking of memory buffer in AMD Secure Processor ASP Secure OS may allow an attacker with a malicious trusted application to read/write to the ASP Secure OS kernel virtual address space, potentially resulting in privilege escalation...

CVE-2022-23817

Insufficient checking of memory buffer in AMD Secure Processor ASP Secure OS may allow an attacker with a malicious trusted application to read/write to the ASP Secure OS kernel virtual address space, potentially resulting in privilege escalation...

CVE-2022-23817

CVE-2022-23817 concerns insufficient memory-buffer checking in the AMD Secure Processor’s ASP Secure OS, enabling a local attacker with a malicious Trusted Application to read/write into the kernel virtual address space and potentially escalate privileges. Connected documents (AMD security bullet...

CVE-2022-23815

Improper bounds checking in APCB firmware may allow an attacker to perform an out of bounds write, corrupting the APCB entry, potentially leading to arbitrary code execution...

CVE-2022-23815

CVE-2022-23815 concerns APCB firmware and is supported by multiple connected sources that describe an out-of-bounds write due to improper bounds checking, potentially enabling arbitrary code execution. The affected component is APCB firmware within AMD platform firmware/PI firmware stack, with ex...

CVE-2022-23815

Improper bounds checking in APCB firmware may allow an attacker to perform an out of bounds write, corrupting the APCB entry, potentially leading to arbitrary code execution...

CVE-2024-36505

An improper access control vulnerability CWE-284 in FortiOS 7.4.0 through 7.4.3, 7.2.5 through 7.2.7, 7.0.12 through 7.0.14 and 6.4.x may allow an attacker who has already successfully obtained write access to the underlying system via another hypothetical exploit to bypass the file integrity...

CVE-2024-36505

FortiOS contains an improper access control vulnerability (CWE-284) that could allow an attacker who already has write access to bypass the real-time file integrity checking system. Affected versions: FortiOS 7.4.0–7.4.3, 7.2.5–7.2.7, 7.0.12–7.0.14, and all 6.4.x. Root cause: bypass of file integ...

CVE-2024-36505

An improper access control vulnerability CWE-284 in FortiOS 7.4.0 through 7.4.3, 7.2.5 through 7.2.7, 7.0.12 through 7.0.14 and 6.4.x may allow an attacker who has already successfully obtained write access to the underlying system via another hypothetical exploit to bypass the file integrity...

AMD Graphics Driver 安全漏洞

AMD Graphics Driver is an integrated graphics driver from Ultraviolet Semiconductor AMD. A security vulnerability exists in AMD Graphics Driver that stems from insufficient boundary checking, which allows an attacker to cause a denial of service by sending a malformed message using a malicious VF...