283 matches found
CVE-2024-47705
In the Linux kernel, the following vulnerability has been resolved: block: fix potential invalid pointer dereference in blkaddpartition The blkaddpartition function initially used a single if-condition ISERRpart to check for errors when adding a partition. This was modified to handle the specific...
AZL-51150 CVE-2024-47705 affecting package kernel for versions less than 5.15.173.1-1
In the Linux kernel, the following vulnerability has been resolved: block: fix potential invalid pointer dereference in blkaddpartition The blkaddpartition function initially used a single if-condition ISERRpart to check for errors when adding a partition. This was modified to handle the specific...
CVE-2024-39590
Multiple invalid pointer dereference vulnerabilities exist in the OpenPLC Runtime EtherNet/IP parser functionality of OpenPLCv3 16bf8bac1a36d95b73e7b8722d0edb8b9c5bb56a. A specially crafted EtherNet/IP request can lead to denial of service. An attacker can send a series of EtherNet/IP requests to...
CVE-2024-39589
CVE-2024-39589 concerns multiple invalid pointer dereference vulnerabilities in the OpenPLC_v3 Runtime EtherNet/IP parser, specifically within the Protected_Logical_Read_Reply path. The flaw stems from dereferencing truncated addresses due to memmove usage on request-derived values, enabling a cr...
CVE-2024-39590
OpenPLC_v3 is affected by CVE-2024-39590 due to invalid pointer dereference in the OpenPLC Runtime EtherNet/IP parser, specifically in Protected_Logical_Read_Reply and Protected_Logical_Write_Reply. Affected OpenPLC_v3 build 16bf8bac1a36d95b73e7b8722d0edb8b9c5bb56a allows a specially crafted Ethe...
CVE-2024-39590
Multiple invalid pointer dereference vulnerabilities exist in the OpenPLC Runtime EtherNet/IP parser functionality of OpenPLCv3 16bf8bac1a36d95b73e7b8722d0edb8b9c5bb56a. A specially crafted EtherNet/IP request can lead to denial of service. An attacker can send a series of EtherNet/IP requests to...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from an invalid pointer dereference in the clk:sunxi-ng module when sunxiccuprobe calls hwtoccucommon,...
Silicon Labs Gecko Platform HTTP server header parsing invalid pointer dereference vulnerability
Talos Vulnerability Report TALOS-2024-1945 Silicon Labs Gecko Platform HTTP server header parsing invalid pointer dereference vulnerability April 18, 2024 CVE Number CVE-2023-51391 SUMMARY An invalid pointer dereference vulnerability exists in the HTTP server header parsing functionality of Silic...
CVE-2023-51391
A bug in Micrium OS Network HTTP Server permits an invalid pointer dereference during header processing - potentially allowing a device crash and Denial of Service...
CVE-2023-51391 Micrium OS Network uC-HTTP server header parsing invalid pointer dereference vulnerability
A bug in Micrium OS Network HTTP Server permits an invalid pointer dereference during header processing - potentially allowing a device crash and Denial of Service...
Micrium OS Network HTTP Server 安全漏洞
Micrium OS Network HTTP Server is an application from Micrium Corporation, USA. A security vulnerability exists in Micrium OS Network HTTP Server that stems from the presence of an invalid pointer dereference, resulting in a device crash and a denial of service DOS attack...
Siemens SCALANCE OpenSSL NULL Pointer Dereference (CVE-2023-0217)
An invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the EVPPKEYpubliccheck function. This will most likely lead to an application crash. This function can be called on public keys supplied from untrusted sources which could allo...
Security Bulletin: Vulnerabilities in OpenSSL affect IBM Rational ClearQuest
Summary OpenSSL vulnerabilities were disclosed by the OpenSSL Project. OpenSSL is used by IBM Rational ClearQuest. IBM Rational ClearQuest has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2022-4304 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive informatio...
Security Bulletin: IBM MaaS360 Cloud Extender Agent, Mobile Enterprise Gateway, Configuration Utility, VPN, Certificate and Base Module affected by multiple vulnerabilities
Summary Vulnerabilities contained within libcurl a 3rd party component and Open SSL were addressed in the IBM MaaS360 Cloud Extender Agent, Configuration Utility, Certificate, VPN and Base Modules. Vulnerabilities contained within Netty a 3rd party component were addressed in the IBM MaaS360 Mobi...
Out-of-Bounds Read
libdwarf.so is vulnerable to Out-of-Bounds Read. The vulnerability exists because of an invalid pointer dereference via an invalid line table which allows an attacker to cause an application crash...
CVE-2020-27545
libdwarf before 20201017 has a one-byte out-of-bounds read because of an invalid pointer dereference via an invalid line table in a crafted object...
CVE-2020-27545
libdwarf before 20201017 has a one-byte out-of-bounds read because of an invalid pointer dereference via an invalid line table in a crafted object...
CVE-2020-27545
libdwarf before 20201017 has a one-byte out-of-bounds read because of an invalid pointer dereference via an invalid line table in a crafted object...
Important: Red Hat Security Advisory: openssl security and bug fix update
An update for openssl is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Tenable Nessus <= 10.4.2 Multiple Vulnerabilities (TNS-2023-09)
According to its self-reported version, the Tenable Nessus application running on the remote host is 10.4.2 or earlier. It is, therefore, affected by multiple vulnerabilities in OpenSSL prior to version 3.0.8, spin.js prior to version 2.3.2, and datatables.net prior to version 1.13.2: - An attack...