FFmpeg Buffer Overflow Vulnerability (CNVD-2024-27560)

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A buffer overflow vulnerability exists in Ffmpeg version v.N113007-g8d24a28d06 due to incorrect bounds checking in the libavfilter/avfshowspectrum.c:1789:52 component of the...

The vulnerability of the Forwarding Information Base Telemetry (fibtd) in Juniper Networks’ Junos OS and Junos OS Evolved operating systems allows a attacker to cause a service failure.

The vulnerability of the Forwarding Information Base Telemetry fibtd of Juniper Networks’ Junos OS and Junos OS Evolved operating systems is related to insufficient checking of exceptional states. Exploiting this vulnerability can allow a malicious actor to cause service failures...

CVE-2024-22186 Electrolink FM/DAB/TV Transmitter Reliance on Cookies without Validation and Integrity Checking

The application suffers from a privilege escalation vulnerability. An attacker logged in as guest can escalate his privileges by poisoning the cookie to become administrator...

CVE-2024-22186 Electrolink FM/DAB/TV Transmitter Reliance on Cookies without Validation and Integrity Checking

The application suffers from a privilege escalation vulnerability. An attacker logged in as guest can escalate his privileges by poisoning the cookie to become administrator...

The vulnerability of the Service Port component 7329 of the Tenda AC23 microprogramming system allows a hacker to execute arbitrary commands.

The vulnerability of the Service Port component 7329 of the Tenda AC23 microprogramming router lies in insufficient checking of arguments passed in commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

CVE-2024-26908

REJECTED CVE In the Linux kernel, the following vulnerability has been resolved: x86/xen: Add some null pointer checking to smp.c The Linux kernel CVE team has assigned CVE-2024-26908 to this issue...

CVE-2024-26908

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2024-26908

CVE-2024-26908 is a Linux kernel issue where the advisory notes adding null pointer checks in kernel/x86/smp.c (x86/xen path). Connected advisories (RHSA-2024:6992, RHSA-2024:5992/5928 equivalents, ELSA-2024-5928) indicate affected kernel builds in Red Hat, Oracle Linux, and related distributions...

CVE-2024-26908

Removed by vendor...

Out-of-bounds Write

gtkwave is vulnerable to Out-of-bounds Write. The vulnerability is due to insufficient bounds checking in the in the VCD parsevaluechange portdump functionality via the GUI's legacy VCD parsing code, allows specially crafted .vcd file can lead to arbitrary code execution...

Out-of-bounds Write

gtkwave is vulnerable to Out-of-bounds Write. The vulnerability is due to inadequate bounds checking within its VCD parsevaluechange portdump functionality by the vcd2lxt2 conversion utility. It allows a Crafting a specially designed .vcd file can result in arbitrary code execution...

Out-of-bounds Write

gtkwave is vulnerable to Out-of-bounds Write. The vulnerability is due to insufficient bounds checking within its VCD parsevaluechange portdump functionality via the vcd2vzt conversion utility. It allows a Crafting a specially designed .vcd file can result in arbitrary code execution...

Out-of-Bounds-Read

gtkwave is vulnerable to Out-of-Bounds-Read. The vulnerability is due to inadequate bounds checking within its VCD var definition section functionality via the GUI's default VCD parsing code. It allows a Crafting a specially designed .vcd file can result in arbitrary code execution...

Out-of-Bounds-Read

gtkwave is vulnerable to Out-of-bounds Write. The vulnerability is due to inadequate bounds checking within its VCD var definition section functionality via the GUI's legacy VCD parsing code. It allows a Crafting a specially designed .vcd file can result in arbitrary code execution...

CVE-2024-23911

Out-of-bounds read vulnerability caused by improper checking of the option length values in IPv6 NDP packets exists in Cente middleware TCP/IP Network Series, which may allow an unauthenticated attacker to stop the device operations by sending a specially crafted packet...

CVE-2024-23911

CVE-2024-23911 affects Cente middleware TCP/IP Network Series. The vulnerability is an out-of-bounds read caused by improper checking of IPv6 NDP option length values in IPv6 NDP packets, potentially allowing an unauthenticated attacker to stop device operations by sending a crafted packet. Explo...

ROS-20240412-06

A vulnerability in the OpenSSL library's implementation of the SM2 cryptographic algorithm is related to buffer copying without checking the size of the input data. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code by transmitting specially crafte...

Huawei EMUI/HarmonyOS Incoming Parameter Checking Not Strict Vulnerability

Huawei EMUI and Huawei HarmonyOS are both products of Huawei, a mobile operating system based on Android, and Huawei HarmonyOS, a distributed operating system developed by Huawei for the whole scenario, aiming at realizing intelligent interconnection and resource sharing among people, devices, an...

zcap has incomplete expiration checks in capability chains.

Impact When invoking a capability with a chain depth of 2, i.e., it is delegated directly from the root capability, the expires property is not properly checked against the current date or other date param. This can allow invocations outside of the original intended time period. A zcap still cann...

Deserialization of Untrusted Data in timber/timber

Summary Timber is vulnerable to PHAR deserialization due to a lack of checking the input before passing it into the fileexists function. If an attacker can upload files of any type to the server, he can pass in the phar:// protocol to unserialize the uploaded file and instantiate arbitrary PHP...