CVE-2024-2606

Passing invalid data could have led to invalid wasm values being created, such as arbitrary integers turning into pointer values. This vulnerability affects Firefox 124...

CVE-2024-2606

Passing invalid data could have led to invalid wasm values being created, such as arbitrary integers turning into pointer values. This vulnerability affects Firefox 124...

CVE-2024-2606

Passing invalid data could have led to invalid wasm values being created, such as arbitrary integers turning into pointer values. This vulnerability affects Firefox 124...

CVE-2024-2606

Passing invalid data could have led to invalid wasm values being created, such as arbitrary integers turning into pointer values. This vulnerability affects Firefox 124...

Mozilla Firefox < 124.0

The version of Firefox installed on the remote Windows host is prior to 124.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-12 advisory. - Memory safety bugs present in Firefox 123. Some of these bugs showed evidence of memory corruption and we presume that...

UBUNTU-CVE-2024-2606

Passing invalid data could have led to invalid wasm values being created, such as arbitrary integers turning into pointer values. This vulnerability affects Firefox 124...

DEBIAN-CVE-2023-50716

eProsima Fast DDS formerly Fast RTPS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.13.0, 2.12.2, 2.11.3, 2.10.3, and 2.6.7, an invalid DATAFRAG Submessage causes a bad-free error, and the Fast-DDS process can be remotely...

UBUNTU-CVE-2023-50716

eProsima Fast DDS formerly Fast RTPS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.13.0, 2.12.2, 2.11.3, 2.10.3, and 2.6.7, an invalid DATAFRAG Submessage causes a bad-free error, and the Fast-DDS process can be remotely...

eProsima Fast DDS Security Vulnerability

eProsima Fast DDS is the C++ implementation of eProsima's OMG Object Management Group DDS Data Distribution Service standard. A security vulnerability exists in eProsima Fast DDS Fast RTPS versions prior to 2.13.0, 2.12.2, 2.11.3, 2.10.3, and 2.6.7, which stems from an invalid DATAFRAG sub-messag...

Qualcomm Chipsets Security Vulnerability

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets due to a memory corruption when parsing a qcp clip with an invalid block data size...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux Kernel that originates from a kernel panic when a host sends an invalid H2C PDU length...

Use After Free

libcurl.so is vulnerable to Use After Free. The vulnerability is due to improper freeing of an easy handle within the Curlclose function. The application frees the struct without assigning it to a null pointer. The usage of previously freed memory could lead to data corruption or lead to a crash ...

Missing Input Validation for Media Type

Lines of code Vulnerability details The validateMediaType function in the ArtPieceMetadata contract performs some input validation for the mediaType field in the metadata parameter. However, it lacks validation for the associated data fields based on the mediaType. This could lead to issues where...

CVE-2023-40074

In saveToXml of PersistableBundle.java, invalid data could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-40074

In saveToXml of PersistableBundle.java, invalid data could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

UBUNTU-CVE-2023-40074

In saveToXml of PersistableBundle.java, invalid data could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-6070

A server-side request forgery vulnerability in ESM prior to version 11.6.8 allows a low privileged authenticated user to upload arbitrary content, potentially altering configuration. This is possible through the certificate validation functionality where the API accepts uploaded content and doesn...

CVE-2023-6070

A server-side request forgery vulnerability in ESM prior to version 11.6.8 allows a low privileged authenticated user to upload arbitrary content, potentially altering configuration. This is possible through the certificate validation functionality where the API accepts uploaded content and doesn...

CVE-2023-29045

Documents operations, in this case "drawing", could be manipulated to contain invalid data types, possibly script code. Script code could be injected to an operation that would be executed for users that are actively collaborating on the same document. Operation data exchanged between collaborati...

PT-2023-22109 · Ox Software Gmbh +1 · Ox App Suite +2

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: Documents operations, specifically "drawing", could be manipulated to contain invalid data types, possibly script code. This script code could be inject...