The vulnerability of Microsoft Office packages, Microsoft 365 Apps for Enterprise, and Microsoft Project, a project management software, relates to errors in processing input data, allowing an attacker to execute arbitrary code.

The vulnerabilities of Microsoft Office packages, Microsoft 365 Apps for Enterprise, and Microsoft Project management software are related to errors in processing input data. Exploiting these vulnerabilities allows a malicious actor to execute arbitrary code, provided that the user opens a...

PT-2024-6179 · Microsoft · Windows Kernel-Mode Driver +1

Name of the Vulnerable Software and Affected Versions: Windows Kernel-Mode Driver affected versions not specified Description: The issue is related to an Elevation of Privilege vulnerability in the Windows Kernel-Mode Driver. It is caused by synchronization errors when using a shared resource,...

PT-2024-5646 · Microsoft · Windows Layer-2 Bridge Network Driver +1

Name of the Vulnerable Software and Affected Versions: Windows Layer-2 Bridge Network Driver affected versions not specified Description: The issue is related to errors in pointer dereferencing, which can be exploited by a remote attacker to cause a denial of service. This can affect the system,...

PT-2024-5626 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to errors in pointer dereferencing in the implementation of Network Address Translation NAT technology in Windows operating systems. This can be exploited by a remote...

CVE-2024-7412

The No Update Nag plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.4.12. This is due to the plugin allowing direct access to the bootstrap.php file which has displayerrors on. This makes it possible for unauthenticated attackers to retrieve the fu...

Advisory ROSA-SA-2024-2468

software: patch 2.7.6 OS: ROSA-CHROME packageevrstring: patch-2.7.6-5 CVE-ID: CVE-2018-6951 BDU-ID: 2023-01652 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the intuitdifftype function of the pch.c component of the Patch edit transfer program is related to pointer dereferencing errors. Exploitatio...

The vulnerability of the PeaksToHarmspect() function in the Espeak speech synthesiser allows a violator to trigger a service failure.

The vulnerability of the PeaksToHarmspect function in the Espeak speech synthesiser is related to errors in comparison operations. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVE-2024-6562 affiliate-toolkit <= 3.5.5 - Unauthenticated Full Path Dislcosure

The affiliate-toolkit – WordPress Affiliate Plugin plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.5.5. This is due displayerrors being set to true . This makes it possible for unauthenticated attackers to retrieve the full path of the web...

CVE-2024-7416 Reveal Template <= 3.7 - Unauthenticated Full Path Disclosure

The Reveal Template plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.7. This is due to the plugin allowing direct access to the bootstrap.php file which has displayerrors on. This makes it possible for unauthenticated attackers to retrieve the ful...

CVE-2024-7382

CVE-2024-7382 concerns the Linkify Text WordPress plugin. The vulnerability is a Full Path Disclosure in all versions up to and including 1.9.1, caused by the plugin using Bootstrap and leaving test files with display_errors enabled. This allows unauthenticated attackers to retrieve the web app’s...

CVE-2024-7382 Linkify Text <= 1.9.1 - Unauthenticated Full Path Disclosure

The Linkify Text plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.9.1. This is due to the plugin utilizing bootstrap and leaving test files with displayerrors on. This makes it possible for unauthenticated attackers to retrieve the full path of th...

PT-2024-38330 · WordPress · Pdf Builder For Wpforms

Name of the Vulnerable Software and Affected Versions: PDF Builder for WPForms plugin for WordPress versions up to, and including, 1.2.116 Description: The issue is related to Full Path Disclosure, which occurs because the plugin allows direct access to the composer-setup.php file with display...

PT-2024-38312 · WordPress · Linkify Text

Name of the Vulnerable Software and Affected Versions: Linkify Text plugin for WordPress versions up to and including 1.9.1 Description: The issue is related to Full Path Disclosure, which occurs because the plugin uses bootstrap and leaves test files with display errors enabled. This allows...

The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers allows attackers to gain unauthorized access to protected information, execute arbitrary code, or cause a service failure.

The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge relates to type conversion errors. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information, execute arbitrary code, or cause a denial-of-service attack by generatin...

PT-2024-37709 · WordPress · Amelia

Name of the Vulnerable Software and Affected Versions: The Booking for Appointments and Events Calendar – Amelia plugin for WordPress versions up to, and including, 1.2 Description: The issue is related to Full Path Disclosure, which occurs because the plugin utilizes Symfony and has display erro...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel. Attackers exploit the vulnerability to cause kernel errors...

DEBIAN-CVE-2024-42241

In the Linux kernel, the following vulnerability has been resolved: mm/shmem: disable PMD-sized page cache if needed For shmem files, it's possible that PMD-sized page cache can't be supported by xarray. For example, 512MB page cache on ARM64 when the base page size is 64KB can't be supported by...

CVE-2024-42241

In the Linux kernel, the following vulnerability has been resolved: mm/shmem: disable PMD-sized page cache if needed For shmem files, it's possible that PMD-sized page cache can't be supported by xarray. For example, 512MB page cache on ARM64 when the base page size is 64KB can't be supported by...

ROS-20240807-02

Vulnerability of CountVowelPosition function of Espeak compact free software speech synthesizer is related to stack buffer overflow. with a stack buffer overflow. Exploitation of the vulnerability could allow an attacker to cause a denial of service SetUpPhonemeTable compact free software speech...

ROS-20240725-08

A vulnerability in the NVIDIA GPU Display Driver software driver for Linux is related to writing outside of memory boundaries. Exploitation of the vulnerability could allow an attacker to elevate privileges, disclose sensitive information, or spoof data A vulnerability in the NVIDIA GPU Display...