`rmp-serde` `Raw` and `RawRef` may crash when receiving invalid UTF-8

It was found that Raw::fromutf8 expects valid UTF-8. If invalid UTF-8 is received it can cause the process to crash...

GHSA-255R-3PRX-MF99 `rmp-serde` `Raw` and `RawRef` may crash when receiving invalid UTF-8

It was found that Raw::fromutf8 expects valid UTF-8. If invalid UTF-8 is received it can cause the process to crash...

crewjam/saml vulnerable to Denial Of Service Via Deflate Decompression Bomb

Our use of flate.NewReader does not limit the size of the input. The user could pass more than 1 MB of data in the HTTP request to the processing functions, which will be decompressed server-side using the Deflate algorithm. Therefore, after repeating the same request multiple times, it is possib...

CVE-2023-23918

A privilege escalation vulnerability exists in Node.js 19.6.1, 18.14.1, 16.19.1 and 14.21.3 that made it possible to bypass the experimental Permissions https://nodejs.org/api/permissions.html feature in Node.js and access non authorized modules by using process.mainModule.require. This only...

K71891773: BIG-IP APM VPN vulnerability CVE-2021-23002

Security Advisory Description The session ID is visible in the arguments of the f5vpn.exe command when VPN is launched from the browser on a Windows system. Addressing this issue requires both the client and server fixes. CVE-2021-23002 Impact An attacker with privileges to view the command line ...

Siemens JT Open Toolkit Stack Buffer Overflow Vulnerability

Siemens JT Open Toolkit Siemens JTTK is a C++ application programming interface API from Siemens, Germany. It provides support for 64-bit application development on Microsoft Windows, Linux and MacOS. Siemens JT Open Toolkit suffers from a stack buffer overflow vulnerability that can be exploited...

CVE-2023-24558

A vulnerability has been identified in Solid Edge SE2022 All versions V222.0MP12, Solid Edge SE2023 All versions V223.0Update2. The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to...

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

GHSA-G6PW-999W-J75M ELF header parsing library doesn't check for valid offset

The crate has several unsafe sections that don't perform proper pointer validation. An example can be found in the following function: fn sectionheaderraw&self - &ET::SectionHeader let shoff = self.elfheader.sectionheaderoffset as usize; let shnum = self.elfheader.sectionheaderentrynum as usize;...

Siemens Solid Edge Viewer JT File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

SOUND4 IMPACT/FIRST/PULSE/Eco 2.x Radio Steam Disclosure

SOUND4 IMPACT/FIRST/PULSE/Eco =2.x Unauthenticated Radio Stream Disclosure Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15 Impact/Pulse/First Version 1: 2.1/1.69 Impact/Pulse Eco...

Siemens Teamcenter Visualization and JT2Go Stack Buffer Overflow Vulnerability

Siemens Teamcenter Visualization is a software that provides team collaboration capabilities for designing 2D and 3D scenes. Siemens JT2GO is a JT file viewer. Siemens Teamcenter Visualization and JT2Go are vulnerable to a stack buffer overflow vulnerability that could be exploited by an attacker...

GSD-2022-1008239 riscv: process: fix kernel info leakage

riscv: process: fix kernel info leakage This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.267 by commit...

GSD-2022-1008163 riscv: process: fix kernel info leakage

riscv: process: fix kernel info leakage This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.225 by commit...

GSD-2022-1007778 riscv: process: fix kernel info leakage

riscv: process: fix kernel info leakage This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.9 by commit 358a68f98304b40b201ba5afe94c20355aa3dc6...

Upgraded Q -> M from #366 [1670366311052]

Judge has assessed an item in Issue 366 as M risk. The relevant finding follows: 5. Cannot cancel mutual consent Mutual consent works by using two TXs with the same msg.data. However, when first one call, there is no way to cancel it. First caller might send wrong msg.data or later caller change...

Out-of-bounds

Mikrotik RouterOs before stable v7.5 was discovered to contain an out-of-bounds read in the hotspot process. This vulnerability allows attackers to execute arbitrary code via a crafted nova message...

CVE-2022-39136

A vulnerability has been identified in JT2Go All versions = V13.3.0.7 V13.3.0.8, Teamcenter Visualization V14.0 All versions V14.0.0.3, Teamcenter Visualization V14.1 All versions V14.1.0.4. The affected application is vulnerable to fixed-length heap-based buffer while parsing specially crafted T...

Adobe Dimension SKP File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Dimension. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SKP...

CVE-2022-33884

Parsing a maliciously crafted XB file can force Autodesk AutoCAD 2023 and 2022 to read beyond allocated boundaries. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process...