PT-2023-18716 · Unknown · Contour Service

Name of the Vulnerable Software and Affected Versions: Contour Service affected versions not specified Description: The issue concerns a lack of permission checking in the Contour Service, allowing an attacker to create analyses for datasets they do not have permission for. This could lead to...

CVE-2023-32384

A buffer overflow was addressed with improved bounds checking. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. Processing an image may lead to arbitrary code execution...

CVE-2023-32380

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. Processing a 3D model may lead to arbitrary code execution...

CVE-2023-32384

A buffer overflow was addressed with improved bounds checking. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. Processing an image may lead to arbitrary code execution...

CVE-2023-32384

A buffer overflow was addressed with improved bounds checking. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. Processing an image may lead to arbitrary code execution...

Design/Logic Flaw

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. Processing a 3D model may lead to arbitrary code execution...

Buffer overflow

A buffer overflow was addressed with improved bounds checking. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. Processing an image may lead to arbitrary code execution...

CVE-2023-32384

A buffer overflow was addressed with improved bounds checking. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. Processing an image may lead to arbitrary code execution...

CVE-2023-32380

CVE-2023-32380 concerns an out-of-bounds write in macOS Model I/O handling when processing a 3D model. The vulnerability is fixed in Apple OS updates: macOS Big Sur 11.7.7, macOS Monterey 12.6.6, and macOS Ventura 13.4. The available documents describe the issue as an out-of-bounds write that cou...

CVE-2023-32384

A buffer overflow was addressed with improved bounds checking. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. Processing an image may lead to arbitrary code execution...

F5 Networks BIG-IP : OpenSSL vulnerability (K000132941)

The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.10 / 16.1.4 / 17.1.1. It is, therefore, affected by a vulnerability as referenced in the K000132941 advisory. There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName...

CVE-2023-32384

CVE-2023-32384 affects Apple operating systems including watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 15.7.6 and 16.5, and iPadOS 15.7.6 and 16.5. The issue is a buffer overflow triggered during image processing, with the root cause stated as improv...

The vulnerability of the Packet Forwarding Engine (PFE) module in the Junos OS Evolved operating system of ACX7000 devices allows a attacker to cause a service failure.

The vulnerability of the Packet Forwarding Engine PFE module in the Junos OS Evolved operating system of ACX7000 series devices is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

Integer Overflow

snappy-java is vulnerable to Integer Overflow. The vulnerability exists because the compress function receives an array of characters and multiplies the value by two, and passes it to the rawCompress function of Snappy.java which does not properly check the length and causes an integer overflow, ...

The vulnerability of the setOpModeCfg function in the microprogramming software for TOTOLINK X18 allows a hacker to execute arbitrary commands.

The vulnerability of the setOpModeCfg function in TOTOLINK X18 microprogrammed router software is related to insufficient checking of arguments passed in commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from the US company Google. Google Android suffers from a security vulnerability that stems from a lack of permission checking, which could bypass restrictions for tracking and could lead to local privilege escalation without additional...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from the American company Google. Google Android suffers from a security vulnerability that stems from a lack of boundary checking. An attacker can escalate privileges by exploiting the vulnerability...

CVE-2023-3138

A vulnerability was found in libX11. The security flaw occurs because the functions in src/InitExt.c in libX11 do not check that the values provided for the Request, Event, or Error IDs are within the bounds of the arrays that those functions write to, using those IDs as array indexes. They trust...

GHSA-WM5G-P99Q-66G4 elFinder vulnerable to path traversal in LocalVolumeDriver connector

Impact Path Traversal vulnerability in PHP LocalVolumeDriver connector. This vulnerability can be exploited by allowing untrusted users to write to the local file system. This issue was caused by incomplete validity checking of the supplied request parameters. That problem has been fixed in...

Ubuntu: Security Advisory (USN-6160-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...