7652 matches found
SUSE CVE-2019-14513
Improper bounds checking in Dnsmasq before 2.76 allows an attacker controlled DNS server to send large DNS packets that result in a read operation beyond the buffer allocated for the packet, a different vulnerability than CVE-2017-14491...
SUSE CVE-2020-7942
Previously, Puppet operated on a model that a node with a valid certificate was entitled to all information in the system and that a compromised certificate allowed access to everything in the infrastructure. When a node's catalog falls back to the default node, the catalog can be retrieved for a...
SUSE CVE-2020-9794
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. A malicious application may cause a denial of servi...
SUSE CVE-2020-9983
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Safari 14.0. Processing maliciously crafted web content may lead to code execution...
SUSE CVE-2020-14376
A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A lack of bounds checking when copying ivdata from the VM guest memory into host memory can lead to a large buffer overflow. The highest threat from this vulnerability is to data confidentiality and integrity as well as syst...
SUSE CVE-2021-26336
Insufficient bounds checking in System Management Unit SMU may cause invalid memory accesses/updates that could result in SMU hang and subsequent failure to service any further requests from other components...
SUSE CVE-2021-26364
Insufficient bounds checking in an SMU mailbox register could allow an attacker to potentially read outside of the SRAM address range which could result in an exception handling leading to a potential denial of service...
SUSE CVE-2021-30953
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution...
SUSE CVE-2022-20792
A vulnerability in the regex module used by the signature database load module of Clam AntiVirus ClamAV versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an authenticated, local attacker to crash ClamAV at database load time, and possibly gain code execution...
SUSE CVE-2022-32912
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. Processing maliciously crafted web content may lead to arbitrary code execution...
SUSE CVE-2023-0286
There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1STRING but the public structure definition for GENERALNAME incorrectly specified the type of the x400Address field as ASN1TYPE. This field is subsequentl...
Security Bulletin: WebSphere Application Server is vulnerable for information disclosure that affect IBM CICS TX on Cloud
Summary IBM CICS TX on Cloud has addressed the following vulnerabilities reported by IBM® WebSphere Application Server Liberty Vulnerability Details CVEID:CVE-2020-4329 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0.3 through 20.0.0.4 could allow a remote,...
Google Vertex AI Vision: Revolutionizing E-Commerce?
By Waqas Google Cloud released its newest AI feature for online retailers in 2023. Their shelf-checking AI solution, Vertex AI… This is a post from HackRead.com Read the original post: Google Vertex AI Vision: Revolutionizing E-Commerce?...
JSA10415 - Pulse Connect Secure (PCS) and Pulse Policy Secure (PPS) products - Security Bundle - Client Issues
Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. Client vulnerabilities found and fixed through a combination of internal and external proactive security testing: - A security issue has been identified that could allow an...
CVE-2023-25162 Nextcloud Server vulnerable to SSRF via filter bypass due to lax checking on IPs
Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Nextcloud Server prior to 24.0.8 and 23.0.12 and Nextcloud Enterprise server prior to 24.0.8 and 23.0.12 are vulnerable to server-side request forgery SSRF. Attackers can leverage enclosed alphanumeri...
GSD-2023-1001856 Squashfs: fix handling and sanity checking of xattr_ids count
Squashfs: fix handling and sanity checking of xattrids count This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.11 by commit...
Qualcomm 芯片代码问题漏洞
A Qualcomm chip is a chip from Qualcomm Incorporated USA. It is a way of miniaturizing circuitry mainly semiconductor devices, but also passive components, etc. and is often fabricated on the surface of semiconductor wafers. A security vulnerability exists in the Qualcomm chip log service, which...
Qualcomm 芯片数字错误漏洞
A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way of miniaturizing circuits mainly semiconductor devices, but also passive components, etc., and often fabricated on the surface of semiconductor wafers. A security vulnerability exists in the Qualcomm chip wlan driver, which stems fro...
Qualcomm 芯片安全漏洞
A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way of miniaturizing circuits mainly semiconductor devices, but also passive components, etc., and is often manufactured on the surface of semiconductor wafers. A security vulnerability exists in the Qualcomm chip wlan driver, which stem...
Qualcomm 芯片代码问题漏洞
A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way of miniaturizing circuits mainly semiconductor devices, but also passive components, etc., and often fabricated on the surface of semiconductor wafers. A security vulnerability exists in the Qualcomm chip wlan driver, which stems fro...