31650 matches found

CNNVD
added 2024/11/08 12:00 a.m. | 3 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a reader locking issue in the presence of sub-buffer order changes...

5.5 CVSS | 6.4 AI score | 0.00021 EPSS
Exploits 0 | References 3

BDU FSTEC
added 2024/11/07 12:00 a.m. | 3 views

The vulnerability of the Acrobat Reader PDF file viewing and editing program lies in the ability to read beyond the allowed range when analyzing the created file, allowing a perpetrator to execute arbitrary code.

The vulnerability of the Acrobat Reader PDF viewer and editor lies in the reading of data beyond the permitted range in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially crafted file...

7.8 CVSS | 7.6 AI score | 0.02421 EPSS
Exploits 0 | References 3

RedHat Linux
added 2024/11/05 1:22 a.m. | 7 views

kernel: ethtool: check device is present when getting link settings

A flaw was found in ethtool in the Linux kernel, where sysfs reader getting link settings can attempt to read the device state on a device that is not present, leading to a crash...

4.7 CVSS | 6.7 AI score | 0.00012 EPSS
Exploits 0 | References 5

Patchstack
added 2024/11/04 8:47 a.m. | 3 views

WordPress Content Syndication Toolkit Reader plugin <= 1.5 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting (XSS) vulnerability discovered by João Pedro Soares de Alcântara - Kinorth (Patchstack Alliance) in WordPress Plugin Content Syndication Toolkit Reader, versions <= 1.5...

7.1 CVSS | 6.1 AI score | 0.00231 EPSS
Exploits 0 | Affected Software 1

Patchstack
added 2024/11/04 12:00 a.m. | 6 views

WordPress Content Syndication Toolkit Reader Plugin <= 1.5 is vulnerable to Cross Site Scripting (XSS)

Software: Content Syndication Toolkit Reader; Type: Plugin; Vulnerable versions: <= 1.5; Fixed in: N/A; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2024-51696; Patch priority: Medium; CVSS severity: Medium (7.1); Developer: Claim ownership; PSID: 4c15b730abc5; Credits: João Pedro S...

7.1 CVSS | 6.9 AI score | 0.00231 EPSS
Exploits 0 | References 1 | Affected Software 1

BDU FSTEC
added 2024/11/01 12:00 a.m. | 2 views

The vulnerability of the RtsPer.sys and RtsUer.sys drivers of Realtek SD card readers is related to insufficient validation of input data. This allows attackers to gain access to read and write data in the PCI configuration space.

The vulnerability of the RtsPer.sys and RtsUer.sys drivers of Realtek SD card readers is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain access to read and write data in the PCI configuration space...

7.8 CVSS | 5.5 AI score | 0.00154 EPSS
Exploits 0 | References 7 | Affected Software 2

BDU FSTEC
added 2024/11/01 12:00 a.m. | 1 view

The vulnerability of the RtsPer.sys driver in Realtek’s SD card readers involves writing beyond the buffer boundaries in memory, allowing an attacker to perform writes at arbitrary kernel addresses.

The vulnerability of the RtsPer.sys driver in Realtek’s SD card readers is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to perform writing operations at arbitrary kernel addresses...

9 CVSS | 6.6 AI score | 0.24826 EPSS
Exploits 1 | References 5 | Affected Software 1

BDU FSTEC
added 2024/10/31 12:00 a.m. | 1 view

The vulnerability of the SIMATIC Reader software for editing and managing projects and documents allows a hacker to restart the application.

The vulnerability of the SIMATIC Reader software for editing and managing projects and documents is related to incorrect processing of character definitions during SNMP configuration. Exploiting this vulnerability could allow a malicious actor to remotely restart the application...

6.8 CVSS | 5.5 AI score | 0.0024 EPSS
Exploits 0 | References 3 | Affected Software 25

BDU FSTEC
added 2024/10/31 12:00 a.m. | 2 views

The vulnerability of the SIMATIC Reader software for editing and managing projects and documents allows a perpetrator to enable debugging functions.

The vulnerability of the SIMATIC Reader software for editing and managing projects and documents is related to the presence of undocumented configuration commands. Exploiting this vulnerability could allow an attacker to enable debugging functions...

4.3 CVSS | 5.5 AI score | 0.00257 EPSS
Exploits 0 | References 3 | Affected Software 24

BDU FSTEC
added 2024/10/31 12:00 a.m. | 2 views

The vulnerability of the SIMATIC Reader software for editing and managing projects and documents allows a perpetrator to trigger a service failure and expose the protected information.

The vulnerability of SIMATIC Reader software’s configuration files is related to deficiencies in handling exceptional states. Exploiting this vulnerability can allow an attacker to cause service failures and disclose protected information when a faulty certificate is loaded...

4 CVSS | 5.5 AI score | 0.00113 EPSS
Exploits 0 | References 3 | Affected Software 25

BDU FSTEC
added 2024/10/31 12:00 a.m. | 2 views

The vulnerability of the SIMATIC Reader software for editing and managing projects and documents allows a perpetrator to influence the confidentiality of the protected information.

The vulnerability of the SIMATIC Reader software for editing and managing projects and documents is related to the lack of protection for operational data. Exploiting this vulnerability could allow an attacker, operating remotely, to compromise the confidentiality of the protected information...

5.4 CVSS | 5.5 AI score | 0.00379 EPSS
Exploits 0 | References 3 | Affected Software 26

BDU FSTEC
added 2024/10/31 12:00 a.m. | 1 view

The vulnerability of the SIMATIC Reader software for editing and managing projects and documents allows a perpetrator to trigger a service failure.

The vulnerability of the SIMATIC Reader software for editing and managing projects and documents is related to lack of access control. Exploiting this vulnerability could allow an intruder to cause service interruptions by creating instances of Ajax2App...

7.8 CVSS | 5.5 AI score | 0.00188 EPSS
Exploits 0 | References 3 | Affected Software 26

OpenVAS
added 2024/10/28 12:00 a.m. | 10 views

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2024-2672)

The remote host is missing an update for the Huawei EulerOS...

7.5 CVSS | 7.9 AI score | 0.01251 EPSS
Exploits 4 | References 2

OpenVAS
added 2024/10/28 12:00 a.m. | 7 views

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2024-2638)

The remote host is missing an update for the Huawei EulerOS...

7.5 CVSS | 7.9 AI score | 0.01251 EPSS
Exploits 4 | References 2

BDU FSTEC
added 2024/10/25 12:00 a.m. | 3 views

The vulnerability of the SIMATIC Reader software for editing and managing projects and documents allows a perpetrator to activate additional functions of the device.

The vulnerability of the SIMATIC Reader software for editing and managing projects and documents is related to the presence of undocumented configuration commands. Exploiting this vulnerability can allow attackers to activate additional functions of the device by modifying the configuration files...

8.5 CVSS | 5.5 AI score | 0.00218 EPSS
Exploits 0 | References 3 | Affected Software 27

OpenVAS
added 2024/10/24 12:00 a.m. | 10 views

Foxit Reader Multiple Vulnerabilities (Oct 2024) - Windows

Foxit Reader is prone to multiple vulnerabilities. CPE = "cpe:/a:foxitsoftware:reader";...

8.8 CVSS | 6.2 AI score | 0.04084 EPSS
Exploits 1 | References 1

NVD
added 2024/10/23 10:15 p.m. | 10 views

CVE-2024-40431

A lack of input validation in Realtek SD card reader driver before 10.0.26100.21374 through the implementation of the IOCTL_SCSI_PASS_THROUGH control of the SD card reader driver allows an attacker to write to predictable kernel memory locations, even as a low-privileged user...

8.8 CVSS | 0.24826 EPSS
Exploits 1 | References 1

CNNVD
added 2024/10/23 12:00 a.m. | 2 views

Realtek SD card reader driver security vulnerability

The Realtek SD card reader driver is a card reader driver from China-based Realtek Semiconductor (Realtek). A security vulnerability exists in Realtek SD card reader driver version 10.0.26100.21374 and prior versions, which stems from a lack of input validation, and could allow a privileged attacke...

6.5 CVSS | 6.6 AI score | 0.00127 EPSS
Exploits 0 | References 1

Vulnrichment
added 2024/10/23 12:00 a.m. | 7 views

CVE-2024-40432

A lack of input validation in Realtek SD card reader driver before 10.0.26100.21374 through the implementation of the IOCTL_SFFDISK_DEVICE_COMMAND control of the SD card reader driver allows a privileged attacker to crash the OS...

6.5 AI score | 0.00127 EPSS
Exploits 0 | References 1

CVE
added 2024/10/23 12:00 a.m. | 68 views

CVE-2024-40431

CVE-2024-40431 involves Realtek SD card reader driver with insufficient input validation in IOCTL_SCSI_PASS_THROUGH, allowing a low-privileged user to write to predictable kernel memory locations. Affected: Realtek SD card reader driver versions prior to 10.0.26100.21374. Impact: potential kernel...

8.8 CVSS | 6.7 AI score | 0.24826 EPSS
Exploits 1 | References 1