CVE-2024-48857 Vulnerabilities in TIFF and PCX Image Codecs Impact QNX Software Development Platform

NULL pointer dereference in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a denial-of-service condition in the context of the process using the image codec...

CVE-2024-48856 Vulnerabilities in TIFF and PCX Image Codecs Impact QNX Software Development Platform

Out-of-bounds write in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a denial-of-service condition or execute code in the context of the process using the image codec...

CVE-2024-48856

CVE-2024-48856 affects BlackBerry/QNX SDP, specifically the PCX image codec. The issue is an out-of-bounds write in the PCX codec that impacts SDP versions 8.0, 7.1 and 7.0, allowing an unauthenticated attacker to cause a denial-of-service condition or execute code in the context of the process u...

CVE-2024-48855 Vulnerabilities in TIFF and PCX Image Codecs Impact QNX Software Development Platform

Out-of-bounds read in the TIFF image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause an information disclosure in the context of the process using the image codec...

CVE-2024-48855

CVE-2024-48855 affects BlackBerry/QNX SDP: an out-of-bounds read in the TIFF image codec impacts SDP versions 8.0, 7.1 and 7.0, enabling an unauthenticated attacker to cause information disclosure within the process using the image codec. Reported impact aligns with information disclosure (confid...

CVE-2024-48855 Vulnerabilities in TIFF and PCX Image Codecs Impact QNX Software Development Platform

Out-of-bounds read in the TIFF image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause an information disclosure in the context of the process using the image codec...

CVE-2024-48854 Vulnerabilities in TIFF and PCX Image Codecs Impact QNX Software Development Platform

Off-by-one error in the TIFF image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause an information disclosure in the context of the process using the image codec...

CVE-2024-48854 Vulnerabilities in TIFF and PCX Image Codecs Impact QNX Software Development Platform

Off-by-one error in the TIFF image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause an information disclosure in the context of the process using the image codec...

CVE-2024-48854

CVE-2024-48854 involves an off-by-one error in the TIFF image codec of BlackBerry QNX SDP. Affected products: QNX SDP versions 8.0, 7.1 and 7.0. The underlying issue is an off-by-one defect in the TIFF codec that could allow an unauthenticated attacker to perform an information disclosure within ...

CVE-2024-35215

NULL pointer dereference in IP socket options processing of the Networking Stack in QNX Software Development Platform SDP versions 7.1 and 7.0 could allow an attacker with local access to cause a denial-of-service condition in the context of the Networking Stack process...

CVE-2024-35215

NULL pointer dereference in IP socket options processing of the Networking Stack in QNX Software Development Platform SDP versions 7.1 and 7.0 could allow an attacker with local access to cause a denial-of-service condition in the context of the Networking Stack process...

CVE-2024-35215

The CVE-2024-35215 issue affects QNX Software Development Platform (SDP) 7.0 and 7.1, where a NULL pointer dereference in the IP socket options processing of the Networking Stack can allow a local attacker to cause a denial-of-service in the Networking Stack process. This is the explicit root cau...

Important: nodejs security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks CVE-2024-22019 For more details about the security...

nodejs:16 security update

An update is available for nodejs-nodemon, module.nodejs, nodejs, module.nodejs-nodemon, module.nodejs-packaging, nodejs-packaging. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

nodejs:18 security update

An update is available for nodejs-nodemon, module.nodejs, nodejs, module.nodejs-nodemon, module.nodejs-packaging, nodejs-packaging. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

ROS-20230504-03

A vulnerability in the minimatch package of the Node.js software development platform is related to a call to the braceExpand function with with certain arguments. Exploitation of the vulnerability could allow an attacker acting remotely, to cause a denial of service...

nodejs:14 security update

An update is available for nodejs-nodemon, nodejs, nodejs-packaging. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Node.js is a software development platform f...

Important: Red Hat Enhancement Advisory: nodejs:12 bug fix and enhancement update

An update for the nodejs:12 module is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Bug Fixes and Enhancements: nodejs:12/nodejs: rebase...

CVE-2021-32025

An elevation of privilege vulnerability in the QNX Neutrino Kernel of affected versions of QNX Software Development Platform versions 6.4.0 to 7.0, QNX Momentics all 6.3.x versions, QNX OS for Safety versions 1.0.0 to 1.0.2, QNX OS for Safety versions 2.0.0 to 2.0.1, QNX for Medical versions 1.0....

Privilege escalation

An elevation of privilege vulnerability in the QNX Neutrino Kernel of affected versions of QNX Software Development Platform versions 6.4.0 to 7.0, QNX Momentics all 6.3.x versions, QNX OS for Safety versions 1.0.0 to 1.0.2, QNX OS for Safety versions 2.0.0 to 2.0.1, QNX for Medical versions 1.0....