PHOENIX CONTACT CHARX SEC Buffer Error Vulnerability

The PHOENIX CONTACT CHARX SEC is a series of AC charge controllers from PHOENIX CONTACT, Germany. The PHOENIX CONTACT CHARX SEC suffers from a buffer error vulnerability that stems from the presence of a buffer error vulnerability. An attacker could use this vulnerability to trigger a denial of...

BIT-TENSORFLOW-2021-29583 Heap buffer overflow and undefined behavior in `FusedBatchNorm`

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.FusedBatchNorm is vulnerable to a heap buffer overflow. If the tensors are empty, the same implementation can trigger undefined behavior by dereferencing null pointers. The...

DEBIAN-CVE-2021-47078

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Clear all QP fields if creation failed rxeqpdocleanup relies on valid pointer values in QP for the properly created ones, but in case rxeqpfrominit failed it was filled with garbage and caused tot the following error...

CVE-2021-46986

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Free gadget structure only after freeing endpoints As part of commit e81a7018d93a "usb: dwc3: allocate gadget structure dynamically" the dwc3gadgetrelease was added which will free the dwc-gadget structure upon...

CVE-2021-46975

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

GHSA-P4M5-32PR-2HQR PyPop C extensions possible vulnerability: missing arguments and redundant null pointers

Impact Code scanning revealed possible vulnerability in C extensions for PyPop: incorrect function calls missing arguments or wrongly typed arguments and redundant null pointers. Patches The problem has been patched and fixed in the latest release of PyPop: 1.0.2. Please upgrade your PyPop...

PyPop C extensions possible vulnerability: missing arguments and redundant null pointers

Impact Code scanning revealed possible vulnerability in C extensions for PyPop: incorrect function calls missing arguments or wrongly typed arguments and redundant null pointers. Patches The problem has been patched and fixed in the latest release of PyPop: 1.0.2. Please upgrade your PyPop...

PT-2024-40388 · Pypi · Pypop

Name of the Vulnerable Software and Affected Versions: PyPop versions prior to 1.0.2 Description: Code scanning revealed a possible issue in C extensions for PyPop, involving incorrect function calls, such as missing arguments or wrongly typed arguments, and redundant null pointers...

PT-2024-6076 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a crash when adding a lan966x interface under a lag interface in the Linux kernel. This can be reproduced by running specific commands, such as "ip link add nam...

GHSA-Q669-2VFG-CXCG Nervos CKB Unaligned Pointer Dereference

via [email protected] There are multiple type conversions in ckb that unsafely cast between byte pointers and other types of pointers. This results in unaligned pointers, which are not allowed by the Rust language, and are considered undefined behavior, meaning that the compiler is free to do...

PT-2024-40421 · Ckb · Ckb

Name of the Vulnerable Software and Affected Versions: ckb affected versions not specified Description: The issue arises from multiple type conversions in ckb that unsafely cast between byte pointers and other types of pointers, resulting in unaligned pointers. This is considered undefined behavi...

kernel: eBPF: insufficient stack type checks in dynptr

An improper input validation flaw was found in the eBPF subsystem in the Linux kernel. The issue occurs due to a lack of proper validation of dynamic pointers within user-supplied eBPF programs prior to executing them. This may allow an attacker with CAPBPF privileges to escalate privileges and...

kernel: eBPF: insufficient stack type checks in dynptr

An improper input validation flaw was found in the eBPF subsystem in the Linux kernel. The issue occurs due to a lack of proper validation of dynamic pointers within user-supplied eBPF programs prior to executing them. This may allow an attacker with CAPBPF privileges to escalate privileges and...

kernel: eBPF: insufficient stack type checks in dynptr

An improper input validation flaw was found in the eBPF subsystem in the Linux kernel. The issue occurs due to a lack of proper validation of dynamic pointers within user-supplied eBPF programs prior to executing them. This may allow an attacker with CAPBPF privileges to escalate privileges and...

Exploit for Integer Overflow or Wraparound in Microsoft

CVE-2024-20698 About this vulnerability: https://msrc.microsof...

AMI MegaRAC SPx Buffer Error Vulnerability

AMI MegaRAC is a family of service processor products from AMI. Provides complete out-of-band or unlit remote management of computer systems independent of operating system state or location to troubleshoot computers and ensure service continuity. A security vulnerability exists in the AMI MegaRA...

AMI MegaRAC SPx Buffer Error Vulnerability

AMI MegaRAC is a family of service processor products from AMI. Provides complete out-of-band or unlit remote management of computer systems independent of operating system state or location to troubleshoot computers and ensure service continuity. A security vulnerability exists in the AMI MegaRA...

CVE-2023-39316

Multiple integer overflow vulnerabilities exist in the LXT2 numdictentries functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer...

PT-2024-2000 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The vulnerability is related to the hisi acc vfio pci module in the Linux kernel. When the optional PRE COPY support was added to speed up the device compatibility check, it failed to...

OpenHarmony Resource Management Error Vulnerability

OpenHarmony is a kind of Hongmeng operating system open source project of China OpenAtom Foundation OpenAtom Foundation Foundation. A security vulnerability exists in OpenHarmony version v3.2.2 and earlier versions, which originates from the reuse of pointers released from a multimedia player...