23 matches found
Astra Linux - уязвимость в libreoffice
Versions of Apache OpenOffice prior to 4.1.14 may be configured to add an empty entry to the Java class path. This may allow for the execution of arbitrary Java code from the current directory...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: platform/x86: toshibaacpi: Fix array out-of-bounds access In order to use toshibadmiquirks together with the standard DMI matching functions, it must be terminated by a empty entry. Since this entry is missing, an array...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gcc-ipq9574: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in order to avoid...
DEBIAN-CVE-2026-23831
Rekor is a software supply chain transparency log. In versions 1.4.3 and below, the entry implementation can panic on attacker-controlled input when canonicalizing a proposed entry with an empty spec.message, causing nil Pointer Dereference. Function validate returns nil success when message is...
CVE-2026-23831
Rekor is a software supply chain transparency log. In versions 1.4.3 and below, the entry implementation can panic on attacker-controlled input when canonicalizing a proposed entry with an empty spec.message, causing nil Pointer Dereference. Function validate returns nil success when message is...
Linux Distros Unpatched Vulnerability : CVE-2024-26970
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gcc-ipq6018: fix terminating of frequency table arrays The frequency table arrays...
SUSE CVE-2024-56721
In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Terminate the erratum1386microcode array The erratum1386microcode array requires an empty entry at the end. Otherwise x86matchcpuwithstepping will continue iterate the array after it ended. Add an empty entry to...
CVE-2024-56721
In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Terminate the erratum1386microcode array The erratum1386microcode array requires an empty entry at the end. Otherwise x86matchcpuwithstepping will continue iterate the array after it ended. Add an empty entry to...
CVE-2024-56721 x86/CPU/AMD: Terminate the erratum_1386_microcode array
In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Terminate the erratum1386microcode array The erratum1386microcode array requires an empty entry at the end. Otherwise x86matchcpuwithstepping will continue iterate the array after it ended. Add an empty entry to...
CVE-2024-56721
CVE-2024-56721 affects the Linux kernel x86/CPU/AMD handling of the erratum_1386_microcode array. The issue occurs because the array requires an empty entry at the end; without it, x86_match_cpu_with_stepping() may continue iterating past the end. The fix is to add an empty entry to the end of er...
UBUNTU-CVE-2024-42088
In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8195: Add platform entry for ETDM1OUTBE dai link Commit e70b8dd26711 "ASoC: mediatek: mt8195: Remove afe-dai component and rework codec link" removed the codec entry for the ETDM1OUTBE dai link entirely instead ...
SUSE CVE-2024-26967
In the Linux kernel, the following vulnerability has been resolved: clk: qcom: camcc-sc8280xp: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in order to avoid...
SUSE CVE-2024-26970
In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gcc-ipq6018: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in order to avoid...
DEBIAN-CVE-2024-26967
In the Linux kernel, the following vulnerability has been resolved: clk: qcom: camcc-sc8280xp: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in order to avoid...
libreoffice: Empty entry in Java class path
A flaw was found in LibreOffice. When an empty Java class path entry is configured, LibreOffice will search for Java classes in the current working directory, allowing malicious Java classes to load when opening a document using the file manager, resulting in arbitrary code execution...
libreoffice: Empty entry in Java class path
A flaw was found in LibreOffice. When an empty Java class path entry is configured, LibreOffice will search for Java classes in the current working directory, allowing malicious Java classes to load when opening a document using the file manager, resulting in arbitrary code execution...
CVE-2022-38745 Apache OpenOffice: Empty entry in Java class path
Apache OpenOffice versions before 4.1.14 may be configured to add an empty entry to the Java class path. This may lead to run arbitrary Java code from the current directory...
PT-2023-1972 · Apache +6 · Apache Openoffice +7
Name of the Vulnerable Software and Affected Versions: Apache OpenOffice versions before 4.1.14 Description: The issue is related to the possibility of adding an empty entry to the Java class path in Apache OpenOffice. This could allow a remote attacker to execute arbitrary Java code from the...
php: memory corruption in phar_parse_tarfile caused by empty entry file name
An integer underflow flaw leading to out-of-bounds memory access was found in the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash or, possibly, execute arbitrary code when opened...
php: memory corruption in phar_parse_tarfile caused by empty entry file name
An integer underflow flaw leading to out-of-bounds memory access was found in the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash or, possibly, execute arbitrary code when opened...