PT-2024-4484 · Blackberry · Qnx Sdp

Name of the Vulnerable Software and Affected Versions: QNX SDP versions 6.6, 7.0, and 7.1 Description: The issue is related to an improper input validation vulnerability in the SGI Image Codec. This could allow an attacker to potentially cause a denial-of-service condition or execute code in the...

RHEL 6 : libwebp (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libwebp: Heap buffer overflow in WebP Codec CVE-2023-4863 - Rejected reason: This CVE ID has been rejecte...

SUSE SLED12 / SLES12 Security Update : freerdp (SUSE-SU-2024:1609-1)

The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1609-1 advisory. - FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients using a version of...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : freerdp (SUSE-SU-2024:1610-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1610-1 advisory. - FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients using a...

Fedora 38 : freerdp (2024-c702ea0fb1)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-c702ea0fb1 advisory. Update to 2.11.7 CVE-2024-32039, CVE-2024-32040, CVE-2024-32041, CVE-2024-32458, CVE-2024-32459, CVE-2024-32460, CVE-2024-32658, CVE-2024-32659,...

Moderate: Red Hat Security Advisory: Red Hat build of Quarkus 3.8.4 release

An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more information...

CVE-2024-34408

Tencent libpag through 4.3.51 has an integer overflow in DecodeStream::checkEndOfFile in codec/utils/DecodeStream.cpp via a crafted PAG Portable Animated Graphics file...

CVE-2023-50223

Inductive Automation Ignition ExtendedDocumentCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit this...

CVE-2023-44429

GStreamer AV1 Codec Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may...

CVE-2023-44429

GStreamer AV1 Codec Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may...

CVE-2023-50186

GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may...

CVE-2023-44429 GStreamer AV1 Codec Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

GStreamer AV1 Codec Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may...

CVE-2023-44429 GStreamer AV1 Codec Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

GStreamer AV1 Codec Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may...

CVE-2023-44429

GStreamer AV1 Codec Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may...

CVE-2023-44429

GStreamer AV1 Codec Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may...

Inductive Automation Ignition 安全漏洞

Inductive Automation Ignition is an integrated software platform for SCADA systems from Inductive Automation, USA. The platform supports SCADA Data Acquisition and Monitoring Systems, HMI Human Machine Interface and more. A security vulnerability exists in Inductive Automation Ignition that stems...

Security advisory: QStringConverter

QStringConverter has an invalid pointer being passed as a callback which can allow modification of the stack and has been assigned the CVE id CVE-2024-33861. Qt itself is not vulnerable to remote attack however an application using QStringDecoder either directly or indirectly can be vulnerable...

qt6-base (core module) -- Invalid pointer in QStringConverter

Andy Shaw reports: QStringConverter has an invalid pointer being passed as a callback which can allow modification of the stack. Qt itself is not vulnerable to remote attack however an application using QStringDecoder either directly or indirectly can be vulnerable. This requires: the attacker be...

Important: Red Hat Security Advisory: Red Hat build of Cryostat security update

An update is now available for the Red Hat build of Cryostat 2 on RHEL 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

PT-2024-14773

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to the MediaTek vcodec driver in the Linux kernel. The mtk vcodec mem free function is mostly called when the buffer to free exists, but there are instances where th...