kernel: usb-storage: alauda: Fix uninit-value in alauda_check_media()

An uninitialized value vulnerability was found in the alauda USB storage driver in the Linux kernel. In alaudacheckmedia, the function does not verify that USB transfer operations succeeded before using the received data. If a transfer fails, uninitialized memory may be accessed, leading to...

Sony XAV-AX5500 安全漏洞

The SONY XAV-AX5500 is a 7-inch in-vehicle center console with a wide range of functions and advanced technical features. The SONY XAV-AX5500 suffers from a stack buffer overflow vulnerability that stems from an extended content description object built in a WMV media file that can trigger an...

GLSA-202409-06 : file: Stack Buffer Overread

The remote host is affected by the vulnerability described in GLSA-202409-06 file: Stack Buffer Overread Multiple vulnerabilities have been discovered in file. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly from the...

file: Stack Buffer Overread

Background The file utility attempts to identify a file’s format by scanning binary data for patterns. Description Multiple vulnerabilities have been discovered in file. Please review the CVE identifiers referenced below for details. Impact File has an stack-based buffer over-read in filecopystr ...

The vulnerability of the Win32k.sys component in Windows operating systems, which allows a hacker to increase their privileges

The vulnerability of the Win32k.sys component in Windows operating systems is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to gain increased privileges...

The vulnerability of the wireless network driver mt_7615.ko software for Sonos audio devices allows a hacker to execute arbitrary code.

The vulnerability of the wireless network driver mt7615.ko of Sonos audio devices is related to stack buffer overflow. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

The vulnerability of the OpenVPN Connect software lies in the overflow of buffers in the stack, which allows a hacker to elevate their privileges and execute arbitrary code.

The vulnerability of the OpenVPN Connect software is related to insufficient restrictions on communication channels for specified endpoints. Exploiting this vulnerability allows a remote attacker to enhance their privileges and execute arbitrary code...

SUSE SLES12: qemu / qemu-arm / qemu-audio-alsa / qemu-audio-oss / qemu-audio-pa / etc (SUSE-SU-2024:3229-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3229-1 advisory. - CVE-2024-3447: Fix heap buffer overflow in sdhciwritedataport. bsc1218485 - CVE-2023-6693: Fix stack buffer overflow in...

The vulnerability of the Gstreamer multimedia framework, related to buffer overflows in the stack, allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Gstreamer multimedia framework is related to buffer overflows in the stack. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and cause service failures...

SUSE-SU-2024:3229-1 Security update for qemu

This update for qemu fixes the following issues: - CVE-2024-3447: Fix heap buffer overflow in sdhciwritedataport. bsc1218485 - CVE-2023-6693: Fix stack buffer overflow in virtionetflushtx. bsc1218484...

Siemens Tecnomatix Plant Simulation Stack Buffer Overflow Vulnerability (CNVD-2024-38014)

Siemens Tecnomatix Plant Simulation is an industrial control device from Siemens, Germany. Using the function of discrete event simulation for production volume analysis and optimization, and thus improve the manufacturing system performance. A stack buffer overflow vulnerability exists in Siemen...

Mageia: Security Advisory (MGASA-2024-0289)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2024-0289 Updated zziplib packages fix security vulnerability

A Stack Buffer Overflow vulnerability in zziplibv 0.13.77 allows attackers to cause a denial of service via the zzipfetchdisktrailer function at /zzip/zip.c. CVE-2024-39134...

Updated zziplib packages fix security vulnerability

A Stack Buffer Overflow vulnerability in zziplibv 0.13.77 allows attackers to cause a denial of service via the zzipfetchdisktrailer function at /zzip/zip.c. CVE-2024-39134...

Linux Kernel PIE Stack Buffer Corruption Vulnerability

Linux kernel contains a position-independent executable PIE stack buffer corruption vulnerability in loadelf binary that allows a local attacker to escalate privileges...

Unspecified Vulnerability in Tenda FH1201 (CNVD-2024-40285)

The Tenda FH1201 is a wireless router from Tenda China. A security vulnerability exists in Tenda FH1201 v1.2.0.14, which is caused by a stack buffer overflow vulnerability in "formWrlExtraGet". The vulnerability is caused by a stack buffer overflow vulnerability in "formWrlExtraGet"...

CVE-2024-45158

An issue was discovered in Mbed TLS 3.6 before 3.6.1. A stack buffer overflow in mbedtlsecdsadertoraw and mbedtlsecdsarawtoder can occur when the bits parameter is larger than the largest supported curve. In some configurations with PSA disabled, all values of bits are affected. This never happen...

CVE-2024-45158

An issue was discovered in Mbed TLS 3.6 before 3.6.1. A stack buffer overflow in mbedtlsecdsadertoraw and mbedtlsecdsarawtoder can occur when the bits parameter is larger than the largest supported curve. In some configurations with PSA disabled, all values of bits are affected. This never happen...

CVE-2024-45158

An issue was discovered in Mbed TLS 3.6 before 3.6.1. A stack buffer overflow in mbedtlsecdsadertoraw and mbedtlsecdsarawtoder can occur when the bits parameter is larger than the largest supported curve. In some configurations with PSA disabled, all values of bits are affected. This never happen...

CVE-2024-45158

An issue was discovered in Mbed TLS 3.6 before 3.6.1. A stack buffer overflow in mbedtlsecdsadertoraw and mbedtlsecdsarawtoder can occur when the bits parameter is larger than the largest supported curve. In some configurations with PSA disabled, all values of bits are affected. This never happen...