1412 matches found
PT-2024-14947 · Gecko Sdk · Gecko Sdk
Name of the Vulnerable Software and Affected Versions: Gecko SDK affected versions not specified Description: A potential buffer overflow exists in the Bluetooth LE HCI CPC sample application in the Gecko SDK, which may result in a denial of service or remote code execution. Recommendations: At t...
OpenEXR buffer error vulnerability
OpenEXR is an open standard for high dynamic range (HDR) image file formats. A buffer overflow vulnerability exists in OpenEXR 3.2.1 and prior versions that stems from a failure to validate the number of scanline samples that contain deep scanline data. An attacker could exploit this vulnerabili...
PT-2024-19550 · Gpac +2 · Gpac +2
Name of the Vulnerable Software and Affected Versions: GPAC version 2.3 Description: A buffer overflow issue was detected in GPAC via the gf_isom_new_generic_sample_description function in the isomedia/isom_write.c file at line 4577. This issue can be exploited, potentially leading to security...
CVE-2023-45039
creationtimestamp | type | source
---|---|---
2024-01-24 14:47:05+00:00 | seen | https://t.me/ctinow/172797...
Malicious code in sample-schema-mgmt (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c4ef77c3bb30fb8fc7dc5c8e999eb9187db74dca1d1a5dc38068c32b54ae508b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2023-50096
STMicroelectronics STSAFE-A1xx middleware before 3.3.7 allows MCU code execution if an adversary has the ability to read from and write to the I2C bus. This is caused by an StSafeA_ReceiveBytes buffer overflow in the X-CUBE-SAFEA1 Software Package for STSAFE-A sample applications 1.2.0, and thus c...
Buffer overflow
STMicroelectronics STSAFE-A1xx middleware before 3.3.7 allows MCU code execution if an adversary has the ability to read from and write to the I2C bus. This is caused by an StSafeA_ReceiveBytes buffer overflow in the X-CUBE-SAFEA1 Software Package for STSAFE-A sample applications 1.2.0, and thus c...
pixman: Integer overflow in pixman_sample_floor_y leading to heap out-of-bounds write
A flaw was found in pixman. This issue causes an out-of-bounds write in rasterize_edges_8 due to an integer overflow in pixman_sample_floor_y. This can result in data corruption, a crash, or code execution...
VulnCheck KEV: CVE-2021-41569
SAS/Intrnet 9.4 build 1520 and earlier allows Local File Inclusion. The samples library included by default in the appstart.sas file, allows end-users of the application to access the sample.webcsf1.sas program, which contains user-controlled macro variables that are passed to the DS2CSF macro...
DEBIAN-CVE-2023-4771
A cross-site scripting vulnerability has been found in CKSource CKEditor affecting versions 4.15.1 and earlier. An attacker could send malicious JavaScript code through the /ckeditor/samples/old/ajax.html file and retrieve an authorized user's information...
Ubuntu 18.04 LTS : WavPack vulnerability (USN-3960-1)
The remote Ubuntu 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3960-1 advisory. It was discovered that WavPack incorrectly handled certain DFF files. An attacker could possibly use this issue to cause a denial of service. Tenable has extracte...
Medium: tomcat
Issue Overview: A flaw was found in the Apache Tomcat package. An example web application did not filter the form authentication example, exposing a cross-site scripting (XSS) vulnerability. CVE-2022-34305 Affected Packages: tomcat Note: This advisory is applicable to Amazon Linux 2 - Tomcat8.5...
CVE-2023-42336
An issue in NETIS SYSTEMS WF2409Ev4 v.1.0.1.705 allows a remote attacker to execute arbitrary code and obtain sensitive information via the password parameter in the /etc/shadow.sample component...
NETIS SYSTEMS WF2409E Trust Management Issues Vulnerability
NETIS SYSTEMS WF2409E is a wireless router from NETIS SYSTEMS. A security vulnerability exists in the NETIS SYSTEMS WF2409Ev4 v.1.0.1.705 version that originates from obtaining sensitive information via the password parameter in the /etc/shadow.sample component...
An issue was discovered in json-c from 20200420 (post 0.14 unreleased code) through 0.15-20200726. A stack-buffer-overflow exists in the auxiliary sample program json_parse which is located in the function parseit.
...