SUSE CVE-2024-40724
Heap-based buffer overflow vulnerability in Assimp versions prior to 5.4.2 allows a local attacker to execute arbitrary code by inputting a specially crafted file into the product...
OESA-2024-1851 arm-trusted-firmware security update
Trusted Firmware-A is a reference implementation of secure world software for Arm A-Profile architectures Armv8-A and Armv7-A, including an Exception Level 3 (EL3) Secure Monitor. Security Fixes: Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in Renesas...
OESA-2024-1848 arm-trusted-firmware security update
Trusted Firmware-A is a reference implementation of secure world software for Arm A-Profile architectures Armv8-A and Armv7-A, including an Exception Level 3 (EL3) Secure Monitor. Security Fixes: Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in Renesas...
DEBIAN-CVE-2024-40724
Heap-based buffer overflow vulnerability in Assimp versions prior to 5.4.2 allows a local attacker to execute arbitrary code by inputting a specially crafted file into the product...
PT-2024-5528 · Assimp +4 · Assimp +4
Name of the Vulnerable Software and Affected Versions: Assimp versions prior to 5.4.2 Description: The issue is related to a heap-based buffer overflow vulnerability. It allows a local attacker to execute arbitrary code by inputting a specially crafted file into the product. This can be achieved...
SUSE CVE-2024-6563
Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. This vulnerability is associated with program files...
DEBIAN-CVE-2024-6563
Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. This vulnerability is associated with program files...
UBUNTU-CVE-2024-6563
Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. This vulnerability is associated with program files...
git: additional local RCE
A flaw was found in Git in a full copy of a Git repository. A prerequisite for this vulnerability is for an unauthenticated attacker to place a specialized repository on their target's local system. If the victim were to clone this repository, it could result in arbitrary code execution...
Trusted Firmware Security Vulnerability
Trusted Firmware is ARM's reference implementation of security software for the Armv8-A, Armv9-A and Armv8-M. It provides SoC developers and OEMs with a reference trusted code base that conforms to the relevant Arm specifications. A security vulnerability exists in Trusted Firmware that stems fro...
PT-2024-37719 · Renesas +1 · Arm Trusted Firmware +1
Name of the Vulnerable Software and Affected Versions: Renesas arm-trusted-firmware versions prior to the fixed version Description: The issue is related to a Buffer Copy without Checking Size of Input, also known as a 'Classic Buffer Overflow', which allows Local Execution of Code. This is...
OESA-2024-1805 ffmpeg security update
FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: Buffer Overflow...
CVE-2024-1182
Uncontrolled Search Path Element vulnerability in Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric Hyper Historian versions 10.97.3 and prior, Mitsubishi Electric MC Works64 all versions, Mitsubishi Electri...
DEBIAN-CVE-2024-27629
An issue in dc2niix before v.1.0.20240202 allows a local attacker to execute arbitrary code because the generated file name is not properly escaped and is injected into a system call when certain types of compression are used...
UBUNTU-CVE-2024-27629
An issue in dc2niix before v.1.0.20240202 allows a local attacker to execute arbitrary code because the generated file name is not properly escaped and is injected into a system call when certain types of compression are used...
git: additional local RCE
A flaw was found in Git in a full copy of a Git repository. A prerequisite for this vulnerability is for an unauthenticated attacker to place a specialized repository on their target's local system. If the victim were to clone this repository, it could result in arbitrary code execution...
SUSE CVE-2024-6287
Incorrect Calculation vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. When checking whether a new image invades/overlaps with a previously loaded image, the code neglects to consider a few cases, which could allow an attacker to bypass memory range restriction and overwrite ...
DEBIAN-CVE-2024-6287
Incorrect Calculation vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. When checking whether a new image invades/overlaps with a previously loaded image, the code neglects to consider a few cases, which could allow an attacker to bypass memory range restriction and overwrite ...
UBUNTU-CVE-2024-6287
Incorrect Calculation vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. When checking whether a new image invades/overlaps with a previously loaded image, the code neglects to consider a few cases, which could allow an attacker to bypass memory range restriction and overwrite ...
Linaro Trusted Firmware-A Security Vulnerability
Linaro Trusted Firmware-A is an open source trusted firmware from Linaro. A security vulnerability exists in Linaro Trusted Firmware-A, which stems from a miscalculation issue that allows local code execution...