9002 matches found
Dassault Systèmes eDrawings IPT File Parsing Uninitialized Variable Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
The vulnerability of the drm_sched_entity_init() function in the drivers/gpu/drm/scheduler/sched_entity.c file of the Linux operating system’s DRAM driver allows a hacker to compromise the confidentiality and accessibility of the protected information.
The vulnerability of the drmschedentityinit function in the drivers/gpu/drm/scheduler/schedentity.c file of the Linux operating system’s DRM driver is related to insufficient control over buffer boundaries. Exploiting this vulnerability could allow an attacker to compromise the confidentiality an...
Denial Of Service (DoS)
iNet wireless daemon IWD is vulnerable to Denial of Service. The vulnerability is due to initialization issues in situations where parsing of advertised service information fails, leading to a denial of service daemon crash or potentially other unspecified impacts...
[SECURITY] Fedora 40 Update: libbase-1.1.3-42.fc40
LibBase is a library developed to provide base services like logging, configuration and initialization to other libraries and applications. The library is the root library for all Pentaho-Reporting projects...
[SECURITY] Fedora 40 Update: apache-commons-digester-2.1-30.fc40
Many projects read XML configuration files to provide initialization of various Java objects within the system. There are several ways of doing this, and the Digester component was designed to provide a common implementation that can be used in many different projects...
CVE-2023-42509
JFrog Artifactory later than version 7.17.4 but prior to version 7.77.0 is vulnerable to an issue whereby a sequence of improperly handled exceptions in repository configuration initialization steps may lead to exposure of sensitive data...
SUSE CVE-2023-52600
In the Linux kernel, the following vulnerability has been resolved: jfs: fix uaf in jfsevictinode When the execution of diMountipimap fails, the object ipimap that has been released may be accessed in diFreeSpecial. Asynchronous ipimap release occurs when rcucore calls jfsfreenode. Therefore, whe...
SUSE CVE-2024-28084
p2putil.c in iNet wireless daemon IWD through 2.15 allows attackers to cause a denial of service daemon crash or possibly have unspecified other impact because of initialization issues in situations where parsing of advertised service information fails...
PT-2024-28505 · Linux +4 · Linux Kernel +4
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the Linux kernel, where the struct v4l2 async notifier has several list head members, but only waiting list and done list are initialized. The notifier entry is...
BIT-TENSORFLOW-2021-29576 Heap buffer overflow in `MaxPool3DGradGrad`
TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.MaxPool3DGradGrad is vulnerable to a heap buffer overflow. The...
BIT-PILLOW-2022-22815
pathgetbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path...
CVE-2021-47095
In the Linux kernel, the following vulnerability has been resolved: ipmi: ssif: initialize ssifinfo-client early During probe ssifinfo-client is dereferenced in error path. However, it is set when some of the error checking has already been done. This causes following kernel crash if an error pat...
SUSE CVE-2023-52506
In the Linux kernel, the following vulnerability has been resolved: LoongArch: Set all reserved memblocks on Node0 at initialization After commit 61167ad5fecdea "mm: pass nid to reservebootmemregion" we get a panic if DEFERREDSTRUCTPAGEINIT is enabled: 0.000000 CPU 0 Unable to handle kernel pagin...
(0Day) Ashlar-Vellum Cobalt STP File Parsing Uninitialized Pointer Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...
(0Day) Ashlar-Vellum Cobalt STP File Parsing Uninitialized Pointer Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...
PT-2024-26741
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to the DisplayPort driver's sysfs nodes being present to the userspace before the completion of typec altmode set drvdata in dp altmode probe. This can trigger a NUL...
DEBIAN-CVE-2021-47093
In the Linux kernel, the following vulnerability has been resolved: platform/x86: intelpmccore: fix memleak on registration failure In case device registration fails during module initialisation, the platform device structure needs to be freed using platformdeviceput to properly free all resource...
CVE-2021-47082
In the Linux kernel, the following vulnerability has been resolved: tun: avoid double free in tunfreenetdev Avoid double free in tunfreenetdev by moving the dev-tstats and tun-security allocs to a new ndoinit routine tunnetinit that will be called by registernetdevice. ndoinit is paired with the...
CVE-2021-47095
In the Linux kernel, the following vulnerability has been resolved: ipmi: ssif: initialize ssifinfo-client early During probe ssifinfo-client is dereferenced in error path. However, it is set when some of the error checking has already been done. This causes following kernel crash if an error pat...
CVE-2021-47093
In the Linux kernel, the following vulnerability has been resolved: platform/x86: intelpmccore: fix memleak on registration failure In case device registration fails during module initialisation, the platform device structure needs to be freed using platformdeviceput to properly free all resource...