Buffer overflow

A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.6.6, macOS Big Sur 11.7.7, macOS Ventura 13.4. Parsing an office document may lead to an unexpected app termination or arbitrary code execution...

CVE-2023-32401

A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.6.6, macOS Big Sur 11.7.7, macOS Ventura 13.4. Parsing an office document may lead to an unexpected app termination or arbitrary code execution...

RHEL 8 : libarchive (RHSA-2024:0146)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0146 advisory. The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM...

Qualys Jenkins Plugin Code Issue Vulnerability

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins Plugin is a software application. A code issue vulnerability...

Huawei HarmonyOS Security Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS, which stems from a module with an unstrict privilege checking vulnerability. Successful exploitation of...

MediaTek Chip Security Breach

MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips, which stems from a lack of boundary checking in the battery module, which may result in out-of-bounds writes...

MediaTek Chip Security Breach

MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips due to a lack of boundary checking in the battery module, which may result in memory corruption...

MediaTek Chip Security Breach

MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips, which stems from a lack of boundary checking in the battery module, which may result in out-of-bounds writes...

MediaTek Chip Security Breach

MediaTek chips are a variety of chips from MediaTek, a Chinese company called MediaTek. A security vulnerability exists in the MediaTek chips that stems from incorrect boundary checking in the netdagent module, which could lead to information disclosure...

MediaTek Chip Security Breach

MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips, which stems from a lack of boundary checking in the keyInstall module, which could lead to information disclosure...

MediaTek Chip Security Breach

MediaTek chips are a variety of chips from MediaTek, a Chinese company called MediaTek. A security vulnerability exists in the MediaTek chips that stems from a lack of boundary checking in the Modem IMS Stack module, which may cause a system crash...

MediaTek Chip Security Breach

MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips, which stems from a lack of boundary checking in the battery module, which could lead to information disclosure...

MediaTek Chip Security Breach

MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips, which stems from a lack of boundary checking in the keyInstall module, which could lead to information disclosure...

MediaTek Chip Security Breach

MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips, which stems from a lack of boundary checking in the battery module, which could lead to information disclosure...

PT-2024-41772

Name of the Vulnerable Software and Affected Versions Ceph affected versions not specified Description An issue exists in Ceph related to incorrect certificate checking when using Pybind. This flaw could allow an attacker to perform a Man In the Middle MITM attack, potentially compromising mail...

CVE-2023-51010

CVE-2023-51010 affects com.sdjictec.qdmetro v4.2.2, specifically the export component AdSdkH5Activity. The issue allows an attacker to open a crafted URL without filtering or checking, as described across Red Hat, NVD, and CNNVD entries. CVSSv3.1 base score 5.3 (Medium) with impact vectors: none ...

CVE-2023-51010

An issue in the export component AdSdkH5Activity of com.sdjictec.qdmetro v4.2.2 allows attackers to open a crafted URL without any filtering or checking...

NewStart CGSL MAIN 5.04 : openssl Vulnerability (NS-SA-2023-0101)

The remote NewStart CGSL host, running version MAIN 5.04, has openssl packages installed that are affected by a vulnerability: - There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1STRING but the public...

CentOS 7 : thunderbird (RHSA-2023:3151)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:3151 advisory. - In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and...

Buffer Overflow

libming.so is vulnerable to Buffer Overflow. The vulnerability is due to the parseSWFGLYPHENTRY function within parser.c lacking proper memory allocation size checks and bounds checking on the glyphbits and advancebits parameters. An attacker can exploit this by providing specially crafted input...