CVE-2024-48854

CVE-2024-48854 involves an off-by-one error in the TIFF image codec of BlackBerry QNX SDP. Affected products: QNX SDP versions 8.0, 7.1 and 7.0. The underlying issue is an off-by-one defect in the TIFF codec that could allow an unauthenticated attacker to perform an information disclosure within ...

CVE-2024-48854 Vulnerabilities in TIFF and PCX Image Codecs Impact QNX Software Development Platform

Off-by-one error in the TIFF image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause an information disclosure in the context of the process using the image codec...

QNX Software Development Platform 缓冲区错误漏洞

The Blackberry QNX Software Development Platform is a suite of QNX software development platforms from Blackberry Canada. The platform is primarily used to develop software based on the QNX platform. A buffer error vulnerability exists in QNX Software Development Platform versions 8.0, 7.1, and 7...

QNX Software Development Platform 缓冲区错误漏洞

The Blackberry QNX Software Development Platform is a suite of QNX software development platforms from Blackberry Canada. The platform is primarily used to develop software based on the QNX platform. A buffer error vulnerability exists in QNX Software Development Platform SDP versions 8.0, 7.1, a...

PT-2025-2810 · Blackberry · Qnx Sdp

Name of the Vulnerable Software and Affected Versions: QNX SDP versions 7.0 through 8.0 Description: The issue is related to an out-of-bounds write in the PCX image codec. This could allow an unauthenticated attacker to cause a denial-of-service condition or execute code in the context of the...

QNX Software Development Platform 安全漏洞

The Blackberry QNX Software Development Platform is a suite of QNX software development platforms from Blackberry Canada. The platform is primarily used to develop software based on the QNX platform. A security vulnerability exists in QNX Software Development Platform SDP versions 8.0, 7.1, and...

PT-2025-2809 · Blackberry · Qnx Sdp

Name of the Vulnerable Software and Affected Versions: QNX SDP versions 7.0 through 8.0 Description: The issue is related to an out-of-bounds read in the TIFF image codec, which could allow an unauthenticated attacker to cause an information disclosure in the context of the process using the imag...

QNX Software Development Platform 安全漏洞

The Blackberry QNX Software Development Platform is a suite of QNX software development platforms from Blackberry Canada. The platform is primarily used to develop software based on the QNX platform. A security vulnerability exists in QNX Software Development Platform SDP versions 8.0, 7.1, and...

PT-2025-2808 · Blackberry · Qnx Sdp

Name of the Vulnerable Software and Affected Versions: QNX SDP versions 7.0 through 8.0 Description: The issue is related to an off-by-one error in the TIFF image codec, which could allow an unauthenticated attacker to cause an information disclosure in the context of the process using the image...

QNX Software Development Platform 代码问题漏洞

The Blackberry QNX Software Development Platform is a suite of QNX software development platforms from Blackberry Canada. The platform is primarily used to develop software based on the QNX platform. A code issue vulnerability exists in QNX Software Development Platform versions 8.0, 7.1, and 7.0...

OpenJPEG 安全漏洞

OpenJPEG is a C-based open source JPEG2000 codec open-sourced by Université catholique de Louvain. A security vulnerability exists in OpenJPEG. An attacker exploiting this vulnerability could cause a heap buffer overflow...

SUSE CVE-2024-56685

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: Check numcodecs is not zero to avoid panic during probe Following commit 13f58267cda3 "ASoC: soc.h: don't create dummy Component via COMPDUMMY", COMPDUMMY became an array with zero length, and only gets populated...

DEBIAN-CVE-2024-56685

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: Check numcodecs is not zero to avoid panic during probe Following commit 13f58267cda3 "ASoC: soc.h: don't create dummy Component via COMPDUMMY", COMPDUMMY became an array with zero length, and only gets populated...

UBUNTU-CVE-2024-56685

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: Check numcodecs is not zero to avoid panic during probe Following commit 13f58267cda3 "ASoC: soc.h: don't create dummy Component via COMPDUMMY", COMPDUMMY became an array with zero length, and only gets populated...

CVE-2024-56685 ASoC: mediatek: Check num_codecs is not zero to avoid panic during probe

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: Check numcodecs is not zero to avoid panic during probe Following commit 13f58267cda3 "ASoC: soc.h: don't create dummy Component via COMPDUMMY", COMPDUMMY became an array with zero length, and only gets populated...

PT-2024-9987

Name of the Vulnerable Software and Affected Versions Apache MINA versions 2.0.X through 2.2.X Description The ObjectSerializationDecoder in Apache MINA lacks necessary security checks when processing incoming serialized data using Java’s native deserialization protocol. This allows attackers to...

kernel: Bluetooth: hci: fix null-ptr-deref in hci_read_supported_codecs

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci: fix null-ptr-deref in hcireadsupportedcodecs Fix hcicmdsyncsk to return not NULL for unknown opcodes. hcicmdsyncsk returns NULL if a command returns a status event. However, it also returns NULL where an opcode...

SUSE CVE-2024-47602

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gstmatroskademuxaddwvpkheader function within matroska-demux.c. This function does not properly check the validity of the stream-codecpriv pointer in th...

SUSE CVE-2024-47834

GStreamer is a library for constructing graphs of media-handling components. An Use-After-Free read vulnerability has been discovered affecting the processing of CodecPrivate elements in Matroska streams. In the GSTMATROSKAIDCODECPRIVATE case within the gstmatroskademuxparsestream function, a dat...

DEBIAN-CVE-2024-47602

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gstmatroskademuxaddwvpkheader function within matroska-demux.c. This function does not properly check the validity of the stream-codecpriv pointer in th...