NewStart CGSL MAIN 5.04 : openssl Vulnerability (NS-SA-2023-0101)

The remote NewStart CGSL host, running version MAIN 5.04, has openssl packages installed that are affected by a vulnerability: - There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1STRING but the public...

amd: Return Address Predictor vulnerability leading to information disclosure

A side channel vulnerability was found in hw amd. Some AMD CPUs may allow an attacker to influence the return address prediction. This issue may result in speculative execution at an attacker-controlled instruction pointer register, potentially leading to information disclosure...

Autodesk AutoCAD Buffer Error Vulnerability

Autodesk AutoCAD is a suite of professional 3D drawing software from the US-based Autodesk Corporation. A security vulnerability exists in Autodesk AutoCAD versions 2023 and 2024, which stems from parsing a maliciously crafted STP file can lead to dereferencing of untrusted pointers, which can be...

Adobe Bridge Security Vulnerability

Adobe Bridge is a file viewer from Adobe USA. A security vulnerability exists in Adobe Bridge prior to version 13.0.4 and prior to version 14.0.0, which stems from an Access to Uninitialized Pointers vulnerability that could lead to a sensitive memory disclosure...

Adobe Bridge Security Vulnerability

Adobe Bridge is a file viewer from Adobe USA. A security vulnerability exists in Adobe Bridge prior to version 13.0.4 and prior to version 14.0.0, which stems from an Access to Uninitialized Pointers vulnerability that could lead to a sensitive memory disclosure...

Adobe Acrobat Reader Security Vulnerability

Adobe Acrobat Reader is a PDF viewer from the American company Audobee Adobe. The software is used to print, sign and annotate PDFs. A security vulnerability exists in Adobe Acrobat Reader prior to version 23.006.20360 and prior to version 20.005.30524, which stems from an Access to Uninitialized...

kernel: drm/i915/bios: fix a memory leak in generate_lfp_data_ptrs

In the Linux kernel, the following vulnerability has been resolved: drm/i915/bios: fix a memory leak in generatelfpdataptrs When size != 0 || ptrs-lvds entries != 3, the program tries to free the ptrs. However, the ptrs is not created by calling kzmalloc, but is obtained by pointer offset...

kernel: Information leak in l2cap_parse_conf_req in net/bluetooth/l2cap_core.c

An information leak vulnerability was found in the Linux kernel's implementation of logical link control and adaptation protocol L2CAP, part of the Bluetooth stack in the l2capparseconfreq function. An attacker with physical access within the range of standard Bluetooth transmission could use thi...

kernel: Information leak in l2cap_parse_conf_req in net/bluetooth/l2cap_core.c

An information leak vulnerability was found in the Linux kernel's implementation of logical link control and adaptation protocol L2CAP, part of the Bluetooth stack in the l2capparseconfreq function. An attacker with physical access within the range of standard Bluetooth transmission could use thi...

kernel: scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process()

An out-of-bounds read vulnerability was found in the SCSI Enclosure Services SES driver in the Linux kernel. The sesenclosuredataprocess function lacks proper bounds checking when processing additional descriptor pointers, allowing reads beyond allocated slab memory when handling malformed...

kernel: eBPF: insufficient stack type checks in dynptr

An improper input validation flaw was found in the eBPF subsystem in the Linux kernel. The issue occurs due to a lack of proper validation of dynamic pointers within user-supplied eBPF programs prior to executing them. This may allow an attacker with CAPBPF privileges to escalate privileges and...

kernel: bpf: Fix wrong reg type conversion in release_reference()

A flaw was found in the eBPF subsystem in the Linux kernel. When a resource is released, the pointer registers related to the resource are incorrectly converted to the wrong type, allowing kernel pointers to be exposed to unprivileged users...

kernel: drm/i915/bios: fix a memory leak in generate_lfp_data_ptrs

In the Linux kernel, the following vulnerability has been resolved: drm/i915/bios: fix a memory leak in generatelfpdataptrs When size != 0 || ptrs-lvds entries != 3, the program tries to free the ptrs. However, the ptrs is not created by calling kzmalloc, but is obtained by pointer offset...

krb5: Denial of service through freeing uninitialized pointer

A vulnerability was found in the xdrkadm5principalentrec function in lib/kadm5/kadmrpcxdr.c in MIT Kerberos 5 krb5. This issue occurs due to lack of validation in the relationship between nkeydata and the keydata array count, leading to the freeing of uninitialized pointers. This may allow a remo...

PT-2025-18843 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, related to the net/mlx5 module. The issue occurs when the vport's mc, uc, and multicast rules are not deleted in the teardown pat...

Rockwell Automation Arena Simulation Software 缓冲区错误漏洞

Rockwell Automation Arena Simulation Software is a suite of simulation software from Rockwell Automation that provides 3D animation and graphics capabilities. A security vulnerability exists in Rockwell Automation Arena Simulation, which can be exploited by an attacker to submit unauthorized code...

DEBIAN-CVE-2023-45679

stbvorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger memory allocation failure in startdecoder. In that case the function returns early, but some of the pointers in f-commentlist are left initialized and later setupfree is called on these...

PT-2023-29646 · Unknown +2 · Stb Vorbis +2

Name of the Vulnerable Software and Affected Versions: stb vorbis affected versions not specified Description: The issue is related to the processing of ogg vorbis files. A crafted file can cause a memory allocation failure in the start decoder function, leading to some pointers in f-comment list...

RUSTSEC-2023-0078 Potential stack use-after-free in `Instrumented::into_inner`

The implementation of the Instrumented::intoinner method in affected versions of this crate contains undefined behavior due to incorrect use of std::mem::forget The function creates const pointers to self, calls mem::forgetselfstd::mem::forget, and then moves values out of those pointers using...

Motorola MTM5000 Security Vulnerability

The Motorola MTM5000 is a mobile radio from Motorola, USA. A security vulnerability in the Motorola MTM5000, which stems from a lack of pointer validation of parameters passed to the Trusted Execution Environment TEE module, can be exploited by an attacker to obtain secure supervised code executi...