CVE-2023-28812

There is a buffer overflow vulnerability in a web browser plug-in could allow an attacker to exploit the vulnerability by sending crafted messages to computers installed with this plug-in, which could lead to arbitrary code execution or cause process exception of the plug-in...

CVE-2023-28812

CVE-2023-28812 affects the Hikvision Web Browser Plug-in LocalServiceComponents. The vulnerability is described as a buffer overflow in the plug-in that can be triggered by sending crafted messages to systems with the plug-in installed, potentially allowing arbitrary code execution or causing the...

CVE-2023-28812

There is a buffer overflow vulnerability in a web browser plug-in could allow an attacker to exploit the vulnerability by sending crafted messages to computers installed with this plug-in, which could lead to arbitrary code execution or cause process exception of the plug-in...

PT-2023-21986 · Hikvision · Localservicecomponents

Name of the Vulnerable Software and Affected Versions: plug-in affected versions not specified Description: The issue allows an attacker to exploit it by sending crafted messages to computers with the plug-in installed, modifying plug-in parameters. This could cause affected computers to download...

Hikvision Web Browser Plug-in LocalServiceComponents Security Vulnerability

Hikvision Web Browser Plug-in LocalServiceComponents is a web browser plug-in from Hikvision, a Chinese company. A security vulnerability exists in Hikvision Web Browser Plug-in LocalServiceComponents, which stems from a buffer overflow vulnerability that could allow an attacker to send a crafted...

Hikvision Web Browser Plug-in LocalServiceComponents Security Vulnerability

Hikvision Web Browser Plug-in LocalServiceComponents is a web browser plug-in from Hikvision, a Chinese company. A security vulnerability exists in Hikvision Web Browser Plug-in LocalServiceComponents, which stems from a buffer overflow vulnerability that could allow an attacker to send a crafted...

[SECURITY] Fedora 39 Update: gstreamer1-plugins-base-1.22.7-1.fc39

GStreamer is a streaming media framework, based on graphs of filters which operate on media data. Applications using this library can do anything from real-time sound processing to playing videos, and just about anything else media-related. Its plugin-based architecture means that new data types ...

[SECURITY] Fedora 39 Update: gstreamer1-plugins-bad-free-1.22.7-1.fc39

GStreamer is a streaming media framework, based on graphs of elements which operate on media data. This package contains plug-ins that aren't tested well enough, or the code is not of good enough quality...

Fedora: Security Advisory for gstreamer1-plugins-bad-free (FEDORA-2023-6a4aea6d13)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

kernel: drm/bridge: it6505: Initialize AUX channel in it6505_i2c_probe

A NULL pointer dereference was found in the IT6505 DisplayPort bridge driver. If an HPD interrupt fires before the DRM bridge registration completes, the driver attempts to access an uninitialized AUX channel, causing a kernel crash...

kernel: memory leak in ttusb_dec_exit_dvb() in media/usb/ttusb-dec/ttusb_dec.c

A memory leak issue was found in the Linux kernel media subsystem in the TTUSB DEC driver. It could occur in the ttusbdecexitdvb function because of the lack of a dvbfrontenddetach call. A local user could trigger this flaw by repeatedly plugging and unplugging the device, potentially causing a...

kernel: drm/bridge: it6505: Initialize AUX channel in it6505_i2c_probe

A NULL pointer dereference was found in the IT6505 DisplayPort bridge driver. If an HPD interrupt fires before the DRM bridge registration completes, the driver attempts to access an uninitialized AUX channel, causing a kernel crash...

SUSE CVE-2015-0283

The slapi-nis plug-in before 0.54.2 does not properly reallocate memory when processing user accounts, which allows remote attackers to cause a denial of service infinite loop and CPU consumption via a request for a 1 group with a large number of members or 2 user that belongs to a large number o...

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - July 2023 - Includes Oracle July 2023 CPU

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 that are used by Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas and Maximo for Utilities a...

CVE-2023-27316

SnapCenter versions 4.8 through 4.9 are susceptible to a vulnerability which may allow an authenticated SnapCenter Server user to become an admin user on a remote system where a SnapCenter plug-in has been installed...

CVE-2023-27316

SnapCenter versions 4.8 through 4.9 are susceptible to a vulnerability which may allow an authenticated SnapCenter Server user to become an admin user on a remote system where a SnapCenter plug-in has been installed...

Spoofing

SnapCenter versions 4.8 through 4.9 are susceptible to a vulnerability which may allow an authenticated SnapCenter Server user to become an admin user on a remote system where a SnapCenter plug-in has been installed...

CVE-2023-27316 Privilege Escalation Vulnerability in SnapCenter

SnapCenter versions 4.8 through 4.9 are susceptible to a vulnerability which may allow an authenticated SnapCenter Server user to become an admin user on a remote system where a SnapCenter plug-in has been installed...

CVE-2023-27316 Privilege Escalation Vulnerability in SnapCenter

SnapCenter versions 4.8 through 4.9 are susceptible to a vulnerability which may allow an authenticated SnapCenter Server user to become an admin user on a remote system where a SnapCenter plug-in has been installed...

Security Bulletin: IBM Operations Analytics Predictive Insights v1.3.6 ifix7 contains fixes for multiple security vulnerabilities.

Summary IBM Operations Analytics Predictive Insights v1.3.6 ifix7 contains fixes for multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details CVEID:CVE-2023-32007 DESCRIPTION: Apache Spark could allow a remote authenticated attacker to execute arbitrary commands on the...