The vulnerability of the VMCI component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the VMCI component in the Linux operating system’s kernel is related to errors in resource management within the dgdispatchashost function. Exploiting this vulnerability can allow an attacker to trigger a service failure...

CLSA-2024-1729874131 kernel: Fix of 43 CVEs

drm/amdgpu: Validate TA binary size CVE-2024-44977 - drm/amd/display: Avoid overflow from uint32t to uint8t CVE-2024-47661 - scsi: lpfc: Handle mailbox timeouts in lpfcgetsfpinfo CVE-2024-46842 - ALSA: line6: Fix racy access to midibuf CVE-2024-44954 - exec: Fix ToCToU between perm check and...

Delta Electronics CNCSoft-G2 Out-of-Bounds Write Vulnerability

Delta Electronics CNCSoft-G2 is a human-machine interface HMI software from Delta Electronics, China. Delta Electronics CNCSoft-G2 suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to execute code in the context of the current process...

Delta Electronics CNCSoft-G2 Buffer Overflow Vulnerability (CNVD-2024-40831)

Delta Electronics CNCSoft-G2 is a human-machine interface HMI software from Delta Electronics, China. The Delta Electronics CNCSoft-G2 suffers from a buffer overflow vulnerability that can be exploited by an attacker to execute code in the context of the current process...

Delta Electronics CNCSoft-G2 out-of-bounds read vulnerability (CNVD-2024-40832)

Delta Electronics CNCSoft-G2 is a human-machine interface HMI software from Delta Electronics, China. The Delta Electronics CNCSoft-G2 out-of-bounds read vulnerability can be exploited by an attacker to execute code in the context of the current process...

CVE-2024-46738

...

CLSA-2024-1728583613 Fix of 18 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-46802 - drm/amd/display: added NULL check at start of dcvalidatestream CVE-url: https://ubuntu.com/security/CVE-2024-46818 - drm/amd/display: fix sporadic multiple aux transaction failure - drm/amd/display: Check gpioid before used as array index...

Delta Electronics CNCSoft-G2 安全漏洞

Delta Electronics CNCSoft-G2 is a human-machine interface HMI software from Delta Electronics, China. The Delta Electronics CNCSoft-G2 suffers from a buffer overflow vulnerability that can be exploited by an attacker to execute code in the context of the current process...

Delta Electronics CNCSoft-G2 缓冲区错误漏洞

Delta Electronics CNCSoft-G2 is a human-machine interface HMI software from Delta Electronics, China. Delta Electronics CNCSoft-G2 suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to execute code in the context of the current process...

Delta Electronics CNCSoft-G2 安全漏洞

Delta Electronics CNCSoft-G2 is a human-machine interface HMI software from Delta Electronics, China. The Delta Electronics CNCSoft-G2 suffers from an uninitialized variable vulnerability that can be exploited by an attacker to execute code in the context of the current process...

kernel: VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host()

In the Linux kernel, the following vulnerability has been resolved: VMCI: Fix memcpy run-time warning in dgdispatchashost The Linux kernel CVE team has assigned CVE-2024-35944 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051920-CVE-2024-35944-a860@gregkh/T...

kernel: vmci: prevent speculation leaks by sanitizing event in event_deliver()

A vulnerability was found in the eventdeliver function in the Linux kernel's VMCI component, where the issue involves a lack of sanitization for the eventdata.event index controlled by user-space, which could lead to speculative information leaks...

DEBIAN-CVE-2024-46738

In the Linux kernel, the following vulnerability has been resolved: VMCI: Fix use-after-free when removing resource in vmciresourceremove When removing a resource from vmciresourcetable in vmciresourceremove, the search is performed using the resource handle by comparing context and resource...

Delta Electronics CNCSoft-G2 Buffer Overflow Vulnerability (CNVD-2024-32986)

Delta Electronics CNCSoft-G2 is a human-machine interface HMI software from Delta Electronics, China. The Delta Electronics CNCSoft-G2 suffers from a buffer overflow vulnerability that can be exploited by an attacker to execute code in the context of the current process...

Delta Electronics CNCSoft-G2 Out-of-Bounds Write Vulnerability

Delta Electronics CNCSoft-G2 is a human-machine interface HMI software from Delta Electronics, China. Delta Electronics CNCSoft-G2 suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to execute code in the context of the current process...

Delta Electronics CNCSoft-G2 缓冲区错误漏洞

Delta Electronics CNCSoft-G2 is a human-machine interface HMI software from Delta Electronics, China. Delta Electronics CNCSoft-G2 suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to execute code in the context of the current process...

Delta Electronics CNCSoft-G2 缓冲区错误漏洞

Delta Electronics CNCSoft-G2 is a human-machine interface HMI software from Delta Electronics, China. Delta Electronics CNCSoft-G2 suffers from an out-of-bounds read vulnerability that can be exploited by a remote attacker to execute code in the context of the current process...

The vulnerability of the Rockwell Automation FactoryTalk View SE human-machine interface control software lies in the improper assignment of permissions to critical resources, allowing a perpetrator to increase their privileges.

The vulnerability of the Rockwell Automation FactoryTalk View SE human-machine interface management software is related to the improper assignment of permissions for a critical resource. Exploiting this vulnerability can allow an attacker to enhance their privileges by modifying scripts...

The vulnerability of the Rockwell Automation FactoryTalk View SE HMI software, related to deficiencies in authentication procedures, allows a intruder to disclose protected information.

The vulnerability of the Rockwell Automation FactoryTalk View SE human-machine interface management software is related to deficiencies in authentication procedures. Exploiting this vulnerability can allow a malicious actor to disclose protected information...

CVE-2024-37368

A user authentication vulnerability exists in the Rockwell Automation FactoryTalk® View SE. The vulnerability allows a user from a remote system with FTView to send a packet to the customer’s server to view an HMI project. Due to the lack of proper authentication, this action is allowed without...