SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python311 (SUSE-SU-2024:0782-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0782-1 advisory. - xmlparse.c in Expat aka libexpat before 2.4.5 allows attackers to insert namespace-separator...
GHSA-Q3GG-M8HR-H4X4 Externally Controlled Format String in Scripting Functions
The rquickjs crate used by SurrealDB implements Rust bindings to the QuickJS C library and is used to execute SurrealDB scripting functions. The rquickjs function Exception::throw_type takes a string and returns an error object. Prior to version 0.4.2 of the crate, this string would be fed directl...
Externally Controlled Format String in Scripting Functions
The rquickjs crate used by SurrealDB implements Rust bindings to the QuickJS C library and is used to execute SurrealDB scripting functions. The rquickjs function Exception::throw_type takes a string and returns an error object. Prior to version 0.4.2 of the crate, this string would be fed directl...
CVE-2023-34042
The spring-security.xsd file inside the spring-security-config jar is world writable which means that if it were extracted it could be written by anyone with access to the file system. While there are no known exploits, this is an example of “CWE-732: Incorrect Permission Assignment for Critical...
Buffer overflow
Moonlight-common-c contains the core GameStream client code shared between Moonlight clients. Moonlight-common-c is vulnerable to buffer overflow starting in commit 50c0a51b10ecc5b3415ea78c21d96d679e2288f9 due to unmitigated usage of unsafe C functions and improper bounds checking. A malicious ga...
CVE-2023-42800 Buffer overflow due to use of `strcpy` in `performRtspHandshake`
Moonlight-common-c contains the core GameStream client code shared between Moonlight clients. Moonlight-common-c is vulnerable to buffer overflow starting in commit 50c0a51b10ecc5b3415ea78c21d96d679e2288f9 due to unmitigated usage of unsafe C functions and improper bounds checking. A malicious ga...
CVE-2023-42799 Buffer overflow due to use of `strcpy` in `parseUrlAddrFromRtspUrlString`
Moonlight-common-c contains the core GameStream client code shared between Moonlight clients. Moonlight-common-c is vulnerable to buffer overflow starting in commit 50c0a51b10ecc5b3415ea78c21d96d679e2288f9 due to unmitigated usage of unsafe C functions and improper bounds checking. A malicious ga...
Oracle Linux 7 : thunderbird (ELSA-2023-6193)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-6193 advisory. 115.4.1-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 115.4.1-1 - Update to...
CVE-2023-45677
CVE-2023-45677 affects stb_vorbis used by SDL2_sound/stb_vorbis.c. A crafted file can trigger a heap out-of-bounds write via f->vendor[len] = (char) '\0' with a negative len during start_decoder, and an integer overflow when len is INT_MAX during allocation of f->vendor and comment_list[i]....
Exploit for Incorrect Authorization in Vmware Aria_Operations_For_Logs
CVE-2023-34051 CVE-2023-34051 is an authentication bypass tha...
PT-2023-4516 · Tp Link · Tp-Link Tl-Wr941Nd +2
Name of the Vulnerable Software and Affected Versions: TP-Link TL-WR940N version V2, TP-Link TL-WR941ND version V5, TP-Link TL-WR841N version V8 Description: The issue is related to a buffer overflow in the /userRpm/AccessCtrlAccessRulesRpm component of TP-Link routers. This allows attackers to cau...
Code injection
The "upsell" widget for the portal lets users specify a product description. This description, taken from a user-controllable jslob, was not escaped before being added to the DOM. Malicious script code can be executed within the victim's context. This can lead to session hijacking or triggering...
CVE-2021-43758 Adobe Media Encoder MP4 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
Adobe Media Encoder versions 22.0, 15.4.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in th...
PT-2023-3897 · Totolink · Totolink A3300R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A3300R version 17.0.0cu.557 B20221024 Description: The issue is related to an unauthenticated remote code execution via the lang parameter in the setLanguageCfg function. This is caused by errors in handling input data, which can all...
PT-2023-25793 · Yzncms · Yzncms
Name of the Vulnerable Software and Affected Versions: YznCMS version 1.1.0 Description: A Cross-Site Request Forgery (CSRF) issue in the /public/admin/profile/update.html component allows attackers to change the Administrator password using a crafted POST request. Recommendations: For YznCMS versi...
Google Chrome Browser 111.0.5563.64 AXPlatformNodeCocoa Denial Of Service Exploit
Google Chrome Browser version 111.0.5563.64 suffers from an AXPlatformNodeCocoa fatal out-of-memory denial of service vulnerability on macOS. Google Chrome Browser 111.0.5563.64 AXPlatformNodeCocoa Fatal OOM/Crash macOS Vendor: Google LLC Product web page: https://www.google.com Affected version:...
Google Teams Up with Ecosystem Partners to Enhance Security of SoC Processors
Google said it's working with ecosystem partners to harden the security of firmware that interacts with Android. While the Android operating system runs on what's called the application processor (AP), it's just one of the many processors of a system-on-chip (SoC) that cater to various tasks like...
PT-2023-10561 · Unknown · Insteon Hub
Name of the Vulnerable Software and Affected Versions: Insteon Hub version 1012 Description: Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel. Specially crafted commands sent through the PubNub service can cause a stack-based buffer...
PT-2022-7108 · Systemd +9 · Systemd +9
Name of the Vulnerable Software and Affected Versions: systemd versions 247 and later, with affected builds including those with libacl support Description: A security flaw in systemd-coredump can cause a local information leak due to not respecting the fs.suid_dumpable kernel setting. This issue...
PT-2022-26979 · Callback Technologies · Cbfs Filter
Name of the Vulnerable Software and Affected Versions: Callback Technologies CBFS Filter version 20.0.8317 Description: A null pointer dereference issue exists in the handle ioctl 8314C functionality. This can be triggered by a specially crafted I/O request packet (IRP), leading to denial of servic...