nginx 1.1.x < 1.1.19 / 1.0.x < 1.0.15 A Buffer Overflow Vulnerability

According to its Sever response header, the installed version of nginx is 1.0.x prior to 1.0.15 or 1.1.x prior to 1.1.19. It is, therefore, affected by the following issue : - Buffer overflow in ngxhttpmp4module.c in the ngxhttpmp4module module in nginx 1.0.7 through 1.0.14 and 1.1.3 through...

CVE-2024-30212

If a SCSI READ10 command is initiated via USB using the largest LBA 0xFFFFFFFF with it's default block size of 512 and a count of 1, the first 512 byte of the 0x80000000 memory area is returned to the user. If the block count is increased, the full RAM can be exposed. The same method works to wri...

CVE-2024-35798

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race in readextentbufferpages There are reports from tree-checker that detects corrupted nodes, without any obvious pattern so possibly an overwrite in memory. After some debugging it turns out there's a race when...

CVE-2024-35798

CVE-2024-35798 is a Linux kernel vulnerability in btrfs where a race in read_extent_buffer_pages can cause uptodate status to be missed during concurrent reads of the same extent buffer. The issue can lead to concurrent modification and tree-checker errors (e.g., corrupted nodes) due to an unnece...

CVE-2024-35798

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race in readextentbufferpages There are reports from tree-checker that detects corrupted nodes, without any obvious pattern so possibly an overwrite in memory. After some debugging it turns out there's a race when...

CVE-2024-35798 btrfs: fix race in read_extent_buffer_pages()

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race in readextentbufferpages There are reports from tree-checker that detects corrupted nodes, without any obvious pattern so possibly an overwrite in memory. After some debugging it turns out there's a race when...

CVE-2024-35798 btrfs: fix race in read_extent_buffer_pages()

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race in readextentbufferpages There are reports from tree-checker that detects corrupted nodes, without any obvious pattern so possibly an overwrite in memory. After some debugging it turns out there's a race when...

CVE-2024-35798 btrfs: fix race in read_extent_buffer_pages()

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race in readextentbufferpages There are reports from tree-checker that detects corrupted nodes, without any obvious pattern so possibly an overwrite in memory. After some debugging it turns out there's a race when...

Heap-Based Buffer Overflow

radare2 is vulnerable to heap-based buffer overflow. The vulnerability is due to insufficient input validation, allowing attackers to overwrite data in the heap memory...

CVE-2024-22808

An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to cause a Denial of Service DoS by disrupting the communication between the PathPilot controller and the CNC router via overwriting the card's name in the device memory...

Tormach PathPilot Controller 安全漏洞

Tormach PathPilot Controller is a series of controllers from Tormach USA. A security vulnerability exists in Tormach PathPilot Controller version v2.9.6. An attacker could exploit this vulnerability to cause a denial of service DoS by overwriting the card name in the device's memory to interrupt...

CVE-2024-22808

An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to cause a Denial of Service DoS by disrupting the communication between the PathPilot controller and the CNC router via overwriting the card's name in the device memory...

PT-2024-19569 · Tormach · Tormach Xstech Cnc Router +1

Name of the Vulnerable Software and Affected Versions: Tormach xsTECH CNC Router, PathPilot Controller version 2.9.6 Description: The issue allows attackers to cause a Denial of Service DoS by disrupting the communication between the PathPilot controller and the CNC router via overwriting the...

PT-2024-18089 · Unknown · Electrolink Fm/Dab/Tv Transmitter

Name of the Vulnerable Software and Affected Versions: Electrolink FM/DAB/TV Transmitter affected versions not specified Description: The devices allow access to an unprotected endpoint that allows MPFS file system binary image upload without authentication. The MPFS2 file system module provides ...

SUSE CVE-2024-26712

In the Linux kernel, the following vulnerability has been resolved: powerpc/kasan: Fix addr error caused by page alignment In kasaninitregion, when kstart is not page aligned, at the begin of for loop, kcur = kstart & PAGEMASK is less than kstart, and then va = block + kcur - kstart is less than...

DEBIAN-CVE-2024-26712

In the Linux kernel, the following vulnerability has been resolved: powerpc/kasan: Fix addr error caused by page alignment In kasaninitregion, when kstart is not page aligned, at the begin of for loop, kcur = kstart & PAGEMASK is less than kstart, and then va = block + kcur - kstart is less than...

CVE-2024-2214

In Eclipse ThreadX before version 6.4.0, the Mtxinit function in the Xtensa port was missing an array size check causing a memory overwrite. The affected file was ports/xtensa/xcc/src/txcliblock.c...

CVE-2024-2214

In Eclipse ThreadX before version 6.4.0, the Mtxinit function in the Xtensa port was missing an array size check causing a memory overwrite. The affected file was ports/xtensa/xcc/src/txcliblock.c...

CVE-2024-2214 Missing array size check in _Mtxinit() in the Xtensa port

In Eclipse ThreadX before version 6.4.0, the Mtxinit function in the Xtensa port was missing an array size check causing a memory overwrite. The affected file was ports/xtensa/xcc/src/txcliblock.c...

CVE-2024-2214

CVE-2024-2214 affects Eclipse ThreadX, specifically the Xtensa port. The vulnerability arises from an ineffective array size check in the _Mtxinit() function, leading to a memory overwrite in ports/xtensa/xcc/src/tx_clib_lock.c. It applies to ThreadX versions prior to 6.4.0. The available documen...