CVE-2024-26000

An unauthenticated remote attacker can read memory out of bounds due to improper input validation in the MQTT stack. The brute force attack is not always successful because of memory randomization...

Input validation

An unauthenticated remote attacker can write memory out of bounds due to improper input validation in the MQTT stack. The brute force attack is not always successful because of memory randomization...

Input validation

An unauthenticated remote attacker can read memory out of bounds due to improper input validation in the MQTT stack. The brute force attack is not always successful because of memory randomization...

CVE-2024-26001 PHOENIX CONTACT: Out of bounds write only memory access

An unauthenticated remote attacker can write memory out of bounds due to improper input validation in the MQTT stack. The brute force attack is not always successful because of memory randomization...

CVE-2024-26001

Phoenix Contact CHARX SEC series devices (e.g., CHARX SEC-3100/CHARX SEC-3000 family) are affected by a vulnerability in the MQTT stack where improper input validation allows an unauthenticated, remote attacker to write memory out of bounds. The issue is described as a buffer/length validation fl...

CVE-2024-26001 PHOENIX CONTACT: Out of bounds write only memory access

An unauthenticated remote attacker can write memory out of bounds due to improper input validation in the MQTT stack. The brute force attack is not always successful because of memory randomization...

CVE-2024-26000

CVE-2024-26000 affects Phoenix Contact CHARX SEC-3100 devices due to an out-of-bounds read in the MQTT stack caused by improper input validation. An unauthenticated remote attacker can read memory, with memory randomization reducing brute-force effectiveness. Multiple connected sources confirm th...

CVE-2024-26000 PHOENIX CONTACT: Out of bounds read only memory access

An unauthenticated remote attacker can read memory out of bounds due to improper input validation in the MQTT stack. The brute force attack is not always successful because of memory randomization...

CVE-2024-26000 PHOENIX CONTACT: Out of bounds read only memory access

An unauthenticated remote attacker can read memory out of bounds due to improper input validation in the MQTT stack. The brute force attack is not always successful because of memory randomization...

PT-2024-21273 · Phoenix Contact · Charx Sec-3100

Name of the Vulnerable Software and Affected Versions: Phoenix Contact CHARX SEC-3100 affected versions not specified Description: An unauthenticated remote attacker can read memory out of bounds due to improper input validation in the MQTT stack. The brute force attack is not always successful...

kernel: x86/mm: Randomize per-cpu entry area

A possible unauthorized memory access flaw was found in the Linux kernel cpuentryarea mapping of X86 CPU data to memory, where a user may guess the location of exception stacks or other important data. This issue could allow a local user to gain access to some important data with expected locatio...

CVE-2024-20748

Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...

CVE-2024-20735

Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...

CVE-2024-20747

Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...

CVE-2024-20734

Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction i...

CVE-2024-20722

Substance3D - Painter versions 9.1.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a...

PT-2024-1765 · Adobe · Substance3D - Painter

Name of the Vulnerable Software and Affected Versions: Substance3D - Painter versions 9.1.1 and earlier Description: The issue is related to an out-of-bounds read operation in memory, which could allow an attacker to disclose sensitive information. Exploitation of this issue requires user...

WordPress plugin File Manager security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

PT-2024-1701 · Adobe · Acrobat Reader +3

Name of the Vulnerable Software and Affected Versions: Adobe Acrobat versions prior to 20.005.30539 Adobe Acrobat Reader versions prior to 20.005.30539 Adobe Acrobat 2020 versions prior to 20.005.30539 Adobe Reader 2020 versions prior to 20.005.30539 Acrobat Reader versions 20.005.30539 and earli...

CVE-2024-20715

Adobe Substance 3D Stager versions 2.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in tha...