The vulnerability of the lsx_read_w_buf() function in the formats_i.c component of the SoX sound processing program allows a hacker to cause a service failure.

The vulnerability of the lsxreadwbuf function in the formsi.c component of the SoX sound processing program is related to the copying of buffers without checking the input data. Exploiting this vulnerability allows an attacker to cause a service failure using a specially created file...

Chrome Users Can Now Sync Passkeys Across Devices with New Google PIN Feature

Google on Thursday unveiled a Password Manager PIN to let Chrome web users sync their passkeys across Windows, macOS, Linux, ChromeOS, and Android devices. "This PIN adds an additional layer of security to ensure your passkeys are end-to-end encrypted and can't be accessed by anyone, not even...

Reverb use after free vulnerability

There exists a use after free vulnerability in Reverb. Reverb supports the VARIANT datatype, which is supposed to represent an arbitrary object in C++. When a tensor proto of type VARIANT is unpacked, memory is first allocated to store the entire tensor, and a ctor is called on each instance...

CVE-2024-8375

There exists a use after free vulnerability in Reverb. Reverb supports the VARIANT datatype, which is supposed to represent an arbitrary object in C++. When a tensor proto of type VARIANT is unpacked, memory is first allocated to store the entire tensor, and a ctor is called on each instance...

protobuf-java has potential Denial of Service issue

Summary When parsing unknown fields in the Protobuf Java Lite and Full library, a maliciously crafted message can cause a StackOverflow error and lead to a program crash. Reporter: Alexis Challande, Trail of Bits Ecosystem Security Team Affected versions: This issue affects all versions of both t...

Wordfence Intelligence Weekly WordPress Vulnerability Report (September 9, 2024 to September 15, 2024)

Did you know Wordfence runs aBug Bounty Program for all WordPress plugins and themes at no cost to vendors? Through October 7th, 2024, XSS vulnerabilities in all plugins and themes with =1,000 Active Installs are in scope for all researchers. In addition, through October 14th, 2024 , r esearchers...

CVE-2024-45769

A vulnerability was found in Performance Co-Pilot PCP. This flaw allows an attacker to send specially crafted data to the system, which could cause the program to misbehave or crash...

pcp security update

6.2.0-5.0.1 - Fixed libpcp derived metric issue for ol9 Orabug: 36538820 6.2.0-5 - Fix buffer sizing checks in pmstore PDU handling RHEL-57805 - Guard against symlink attacks in pmpost program RHEL-57810 - Fix libpcpweb webgroup slow request refcounting RHEL-58306 - Updated pmdahacluster for newe...

CVE-2024-31178

Out-of-bounds Read vulnerability in Open Networking Foundation ONF libfluid libfluidmsg module. This vulnerability is associated with program routine fluidmsg::of13::TableFeaturePropNextTables::unpack. This issue affects libfluid: 0.1.0...

CVE-2024-31165

Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation ONF libfluid libfluidmsg module. This vulnerability is associated with program routine fluidmsg::of13::SetFieldAction::unpack. This issue affects libfluid: 0.1.0...

CVE-2024-31197

CVE-2024-31197 affects Open Networking Foundation libfluid (libfluid_msg module); vulnerable component is fluid_msg::of10::Port:unpack in libfluid 0.1.0. Impact per provided metrics: CVSSv3.1 base 7.5 (HIGH) via network access, no user interaction, availability impact HIGH; confidentiality/integr...

CVE-2024-31196 NULL Pointer Dereference in libfluid_msg library

Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation ONF libfluid libfluidmsg module. This vulnerability is associated with program routine fluidmsg::ActionList::unpack10. This issue affects libfluid: 0.1.0...

CVE-2024-31194 Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation ONF libfluid libfluidmsg module. This vulnerability is associated with program routine fluidmsg::of13::MultipartReplyPortStats::unpack. This issue affects libfluid: 0.1.0...

CVE-2024-31191 Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation ONF libfluid libfluidmsg module. This vulnerability is associated with program routine fluidmsg::of13::MultipartReplyMeter::unpack. This issue affects libfluid: 0.1.0...

CVE-2024-31189 Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation ONF libfluid libfluidmsg module. This vulnerability is associated with program routine fluidmsg::of13::MultipartRequestTableFeatures::unpack. This issue affects libfluid: 0.1.0...

CVE-2024-31188

CVE-2024-31188 describes an out-of-bounds read in the Open Networking Foundation (ONF) libfluid library, specifically in the libfluid_msg module, function fluid_msg::of13::MultipartReplyTableFeatures::unpack. Affected version is libfluid 0.1.0. The available connected records reiterate the vulner...

CVE-2024-31186

CVE-2024-31186 : An out-of-bounds read vulnerability exists in Open Networking Foundation (ONF) libfluid, specifically in the libfluid_msg module’s function path fluid_msg::of13::QueueGetConfigReply::unpack, affecting libfluid 0.1.0. The issue is documented across multiple sources (NVD/Red Hat/CV...

CVE-2024-31182 NULL Pointer Dereference in libfluid_msg library

Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation ONF libfluid libfluidmsg module. This vulnerability is associated with program routine fluidmsg::QueuePropertyList::unpack10. This issue affects libfluid: 0.1.0...

CVE-2024-31169

CVE-2024-31169 affects Open Networking Foundation libfluid 0.1.0. Root cause is an out-of-bounds read in fluid_msg::of10::QueueGetConfigReply::unpack. Reported as affecting libfluid with potential impact to availability (and limited confidentiality) per CVSS/agency entries; exploitation details a...

CVE-2024-31167

Consolidated details from connected sources confirm CVE-2024-31167 affects the Open Networking Foundation (ONF) libfluid package, specifically version 0.1.0, due to an unchecked return value leading to a NULL pointer dereference in the fluid_msg::QueuePropertyList::unpack13 routine. Impact: avail...