17 matches found
Apple iOS和Apple iPadOS 安全漏洞
Apple iOS and Apple iPadOS are products of Apple Inc.Apple iOS is an operating system developed for mobile devices.Apple iPadOS is an operating system for the iPad tablet computer. A security vulnerability exists in Apple iOS prior to version 16.7.9 and iPadOS prior to version 16.7.9, which stems...
Autodesk AutoCAD Out-of-Bounds Read Vulnerability
Autodesk AutoCAD is a set of professional 3D drawing software from the American Autodesk Corporation. An out-of-bounds read vulnerability exists in Autodesk AutoCAD version 2024.1.4, which stems from a lack of proper validation of user-supplied data when parsing maliciously crafted 3DM, MODEL, an...
Autodesk AutoCAD Out-of-Bounds Read Vulnerability (CNVD-2024-33003)
Autodesk AutoCAD is a set of professional 3D drawing software from the American Autodesk Corporation. An out-of-bounds read vulnerability exists in Autodesk AutoCAD version 2024.1.5, which stems from a lack of proper validation of user-supplied data when parsing maliciously crafted 3DM files in...
CVE-2024-23147 Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
A maliciously crafted CATPART, XB and STEP, when parsed in ASMKERN228A.dll and ASMKERN229A.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the...
CVE-2024-23142 Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
A maliciously crafted CATPART, STP, and MODEL file, when parsed in atfdwgconsumer.dll, rosex64vc15.dll and libodxdll through Autodesk applications, can cause a use-after-free vulnerability. This vulnerability, along with other vulnerabilities, can lead to code execution in the current process...
CVE-2024-23129 Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
A maliciously crafted MODEL 3DM, STP, or SLDASM file, when in opennurbs.dll parsed through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of th...
CVE-2024-23127
A maliciously crafted MODEL, SLDPRT, or SLDASM file, when parsed in ODXSWDLL.dll and libodxdll.dll through Autodesk applications, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the...
CVE-2022-41302
An Out-Of-Bounds Read Vulnerability in Autodesk FBX SDK version 2020. and prior may lead to code execution or information disclosure through maliciously crafted FBX files. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current proce...
Apple Xcode out-of-bounds read vulnerability (CNVD-2022-23937)
Apple Xcode is an integrated development environment provided to developers by Apple, Inc. and is primarily used to develop applications for Mac OS X and iOS. Apple Xcode is vulnerable to an out-of-bounds read vulnerability, which can be exploited by attackers to cause unexpected termination of a...
Debian DLA-1882-1 : atril security update
A few issues were found in Atril, the MATE document viewer. CVE-2017-1000159 When printing from DVI to PDF, the dvipdfm tool was called without properly sanitizing the filename, which could lead to a command injection attack via the filename. CVE-2019-11459 The tiffdocumentrender and...
Debian DLA-1074-1 : poppler security update
Several buffer and integer overflow issues were discovered in Poppler, a PDF library, that could lead to application crash or possibly other unspecified impact via maliciously crafted files. For Debian 7 'Wheezy', these problems have been fixed in version 0.18.4-6+deb7u2. We recommend that you...
openSUSE Security Update : gstreamer-plugins-good (openSUSE-2017-93)
This update for gstreamer-plugins-good fixes the following issues : - CVE-2016-9634: Invalid FLIC files could have caused and an out-of-bounds write bsc1012102 - CVE-2016-9635: Invalid FLIC files could have caused and an out-of-bounds write bsc1012103 - CVE-2016-9636: Prevent maliciously crafted...
Security update for gstreamer-0_10-plugins-good (important)
This update for gstreamer-010-plugins-good fixes the following issues: - CVE-2016-9634: Invalid FLIC files could have caused and an out-of-bounds write bsc1012102 - CVE-2016-9635: Invalid FLIC files could have caused and an out-of-bounds write bsc1012103 - CVE-2016-9636: Prevent maliciously craft...
Mageia: Security Advisory (MGASA-2015-0283)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated wesnoth packages fix security vulnerability
Toom Lõhmus discovered that the Lua API and preprocessor in the Battle for Wesnoth game up to version 1.12.2 included could lead to client-side authentication information disclosure using maliciously crafted files with the .pdb extension CVE-2015-5069, CVE-2015-5070. This issue has been fixed usi...
Updated wesnoth packages fix security vulnerability
Toom Lõhmus discovered that the Lua API and preprocessor in the Battle for Wesnoth game up to version 1.12.2 included could lead to client-side authentication information disclosure using maliciously crafted files with the .pdb extension CVE-2015-5069, CVE-2015-5070. This issue has been fixed in...
FFmpeg libavformat 'psxstr.c' STR Data Heap Based Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/30154/info The 'libavformat' library from FFmpeg is prone to a remote heap-based buffer-overflow vulnerability because of insufficient boundary checks when parsing STR data. Remote attackers can exploit this issue by...