PT-2024-9509 · Adobe · Animate

Name of the Vulnerable Software and Affected Versions: Animate versions 23.0.8, 24.0.5 and earlier Description: The issue is related to an Integer Underflow Wrap or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issu...

Adobe Bridge 14.x < 14.1.4 / 15.x < 15.0.1 Vulnerability (APSB24-103)

The version of Adobe Bridge installed on the remote macOS or Mac OS X host is prior to 14.1.4 or 15.0.1. It is, therefore, affected by a vulnerability as referenced in the apsb24-103 advisory. - Bridge versions 14.1.3, 15.0 and earlier are affected by an Integer Underflow Wrap or Wraparound...

Adobe Animate 23.x < 23.0.9 / 24.x < 24.0.6 Multiple Vulnerabilities (APSB24-96)

The version of Adobe Animate installed on the remote Windows host is prior to 23.0.9 or 24.0.6. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb24-96 advisory. - Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Underflow Wrap or Wraparound...

Adobe Animate 23.x < 23.0.9 / 24.x < 24.0.6 Multiple Vulnerabilities (APSB24-96)

The version of Adobe Animate installed on the remote macOS or Mac OS X host is prior to 23.0.9 or 24.0.6. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb24-96 advisory. - Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Underflow Wrap or...

Adobe Bridge 14.x < 14.1.4 / 15.x < 15.0.1 Vulnerability (APSB24-103)

The version of Adobe Bridge installed on the remote Windows host is prior to 14.1.4 or 15.0.1. It is, therefore, affected by a vulnerability as referenced in the apsb24-103 advisory. - Bridge versions 14.1.3, 15.0 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability...

CVE-2024-52558

The affected product is vulnerable to an integer underflow. An unauthenticated attacker could send a malformed HTTP request, which could allow the attacker to crash the program...

CVE-2024-52558

CVE-2024-52558 affects Planet Technology’s Planet WGS-804HPT industrial 8-port switch. Affected component is the web service that handles HTTP requests; an unauthenticated attacker can send a malformed request exploiting an integer underflow to crash the device. Official summaries from CISA/ICS d...

CVE-2024-52558 Planet Technology Planet WGS-804HPT Integer Underflow

The affected product is vulnerable to an integer underflow. An unauthenticated attacker could send a malformed HTTP request, which could allow the attacker to crash the program...

CVE-2024-52558 Planet Technology Planet WGS-804HPT Integer Underflow

The affected product is vulnerable to an integer underflow. An unauthenticated attacker could send a malformed HTTP request, which could allow the attacker to crash the program...

CVE-2018-9388

In storeupgrade and storecmd of drivers/input/touchscreen/stm/ftm4pdc.c, there are out of bound writes due to missing bounds checks or integer underflows. These could lead to escalation of privilege...

Google Pixel 安全漏洞

Google Pixel is a smartphone from Google USA. Google Pixel suffers from a security vulnerability that stems from a lack of bounds checking or integer underflow, leading to out-of-bounds writes. An attacker can escalate privileges by exploiting the vulnerability...

XnSoft XnView Classic RWZ File Parsing Integer Underflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of XnSoft XnView Classic. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing ...

MGASA-2024-0371 Updated rapidjson packages fix security vulnerability

Tencent RapidJSON is vulnerable to privilege escalation due to an integer underflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the intege...

Updated rapidjson packages fix security vulnerability

Tencent RapidJSON is vulnerable to privilege escalation due to an integer underflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the intege...

CVE-2018-5852

An unsigned integer underflow vulnerability in IPA driver result into a buffer over-read while reading NAT entry using debugfs command 'cat /sys/kernel/debug/ipa/ip4nat'...

CVE-2018-5852 Buffer Over-read in IPA

An unsigned integer underflow vulnerability in IPA driver result into a buffer over-read while reading NAT entry using debugfs command 'cat /sys/kernel/debug/ipa/ip4nat'...

CVE-2018-5852 Buffer Over-read in IPA

An unsigned integer underflow vulnerability in IPA driver result into a buffer over-read while reading NAT entry using debugfs command 'cat /sys/kernel/debug/ipa/ip4nat'...

Ubuntu: Security Advisory (USN-7125-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

UBUNTU-CVE-2024-52811

The ngtcp2 project is an effort to implement IETF QUIC protocol in C. In affected versions acks are not validated before being written to the qlog leading to a buffer overflow. In ngtcp2conn::connrecvpkt for an ACK, there was new logic that got added to skip connrecvack if an ack has already been...

CVE-2024-52811 Acks not validated before logged to qlog leads to buffer overflow in ngtcp2

The ngtcp2 project is an effort to implement IETF QUIC protocol in C. In affected versions acks are not validated before being written to the qlog leading to a buffer overflow. In ngtcp2conn::connrecvpkt for an ACK, there was new logic that got added to skip connrecvack if an ack has already been...