CVE-2024-50202 nilfs2: propagate directory read errors from nilfs_find_entry()

In the Linux kernel, the following vulnerability has been resolved: nilfs2: propagate directory read errors from nilfsfindentry Syzbot reported that a task hang occurs in vcsopen during a fuzzing test for nilfs2. The root cause of this problem is that in nilfsfindentry, which searches for directo...

ROS-20241031-02

A vulnerability in the qcom component of the Linux operating system kernel is related to read errors outside of bounds in the F function in drivers/clk/qcom/gcc-ipq9574.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the mm/memory-failu...

ROS-20241023-05

A vulnerability in the btrfs component of the Linux operating system kernel is related to an incorrect lock in the function emitfiemapextent in fs/btrfs/extentio.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the powerpc/pseries/iommu...

UBUNTU-CVE-2024-46687

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix a use-after-free when hitting errors inside btrfssubmitchunk BUG There is an internal report that KASAN is reporting use-after-free, with the following backtrace: BUG: KASAN: slab-use-after-free in...

Adobe Photoshop Multiple Vulnerabilities (APSB23-56) - Windows

Adobe Photoshop is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:photoshop";...

CVE-2023-46772

Vulnerability of parameters being out of the value range in the QMI service module. Successful exploitation of this vulnerability may cause errors in reading file data...

CVE-2023-46772

CVE-2023-46772 describes a vulnerability in the QMI service module where parameters are out of the value range. The resulting behavior can cause errors when reading file data. Connected sources corroborate the same root cause and describe the impact as reading-file-data errors, with several refer...

PT-2025-7710

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A potential use-after-free issue exists in the Linux kernel due to incorrect consumption of the provided buffer list by IORING OP READ when read I/O returns an error, excluding -EAGAIN a...

Out-Of-Bounds Read

libfreerdp.so is vulnerable to Out-Of-Bound Read. The vulnerability exists because of the lack of boundary checks in the multiopaquerect-numRectangles of orders.c, which leads to out-of-bounds read errors, allowing an attacker to cause an application crash...

CVE-2023-39356

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. In affected versions a missing offset validation may lead to an Out Of Bound Read in the function gdimultiopaquerect. In particular there is no code to validate if the value...

Adobe Photoshop Multiple RCE Vulnerabilities (APSB23-11) - Mac OS X

Adobe Photoshop is prone to multiple remote code execution RCE vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Adobe Photoshop Multiple RCE Vulnerabilities (APSB23-11) - Windows

Adobe Photoshop is prone to multiple remote code execution RCE vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

httpd: mod_proxy: HTTP response splitting

A flaw was found in the modproxy module of httpd. A malicious backend can cause the response headers to be truncated because they are not cleaned when an error is found while reading them, resulting in some headers being incorporated into the response body and not being interpreted by a client...

Chrome 110 Tackles a Collection of Security Weaknesses

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Google Chrome version 110 is now being rolled out to the stable channels for Windows, Mac, and Linux users. This update includes bug fixes and improvements, specifically addressing security issues...

Adobe Acrobat 2017 Security Update (APSB22-32) - Mac OS X

Adobe Acrobat Reader is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:acrobat";...

ROS-20220701-01

Vim text editor vulnerability is related to boundary conditions in textobject.c. Exploitation The vulnerability could allow a remote attacker to create a special file, trick the victim into opening it, cause a read error outside the boundaries, and read the memory contents. victim to open it, cau...

USN-5417-1 linux, linux-aws, linux-aws-5.13, linux-azure, linux-azure-5.13, linux-gcp, linux-gcp-5.13, linux-hwe-5.13, linux-kvm, linux-oracle, linux-raspi vulnerabilities

Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre Variant 2 mitigations for AMD processors on Linux were insufficient in some situations. A local attacker could possibly use this to expose sensitive...

USN-5415-1 linux, linux-aws, linux-azure, linux-azure-5.4, linux-azure-fde, linux-gcp, linux-gcp-5.4, linux-gke, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities

Jeremy Cline discovered a use-after-free in the nouveau graphics driver of the Linux kernel during device removal. A privileged or physically proximate attacker could use this to cause a denial of service system crash. CVE-2020-27820 Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor...

Adobe Acrobat 2017 Security Update (APSB22-16) - Windows

Adobe Acrobat Reader is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:acrobat";...

Adobe Acrobat DC Continuous Security Update (APSB22-16) - Windows

Adobe Acrobat Reader is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...