79 matches found
DEBIAN-CVE-2024-46794
In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Fix data leak in mmioread The mmioread function makes a TDVMCALL to retrieve MMIO data for an address from the VMM. Sean noticed that mmioread unintentionally exposes the value of an initialized variable val on the stack...
CVE-2024-33045 Return of Stack Variable Address in Buses
Memory corruption when BTFM client sends new messages over Slimbus to ADSP...
Qualcomm Chipsets 安全漏洞
Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from the Buses component returning the address of a stack variable...
ASB-A-344620353
Bulletin has no description...
SUSE CVE-2024-27037
In the Linux kernel, the following vulnerability has been resolved: clk: zynq: Prevent null pointer dereference caused by kmalloc failure The kmalloc in zynqclksetup will return null if the physical memory has run out. As a result, if we use snprintf to write data to the null address, the null...
DEBIAN-CVE-2024-27037
In the Linux kernel, the following vulnerability has been resolved: clk: zynq: Prevent null pointer dereference caused by kmalloc failure The kmalloc in zynqclksetup will return null if the physical memory has run out. As a result, if we use snprintf to write data to the null address, the null...
CVE-2024-27037
In the Linux kernel, the following vulnerability has been resolved: clk: zynq: Prevent null pointer dereference caused by kmalloc failure The kmalloc in zynqclksetup will return null if the physical memory has run out. As a result, if we use snprintf to write data to the null address, the null...
AZL-40292 CVE-2024-27037 affecting package hyperv-daemons for versions less than 6.6.29.1-1
In the Linux kernel, the following vulnerability has been resolved: clk: zynq: Prevent null pointer dereference caused by kmalloc failure The kmalloc in zynqclksetup will return null if the physical memory has run out. As a result, if we use snprintf to write data to the null address, the null...
UBUNTU-CVE-2024-27037
In the Linux kernel, the following vulnerability has been resolved: clk: zynq: Prevent null pointer dereference caused by kmalloc failure The kmalloc in zynqclksetup will return null if the physical memory has run out. As a result, if we use snprintf to write data to the null address, the null...
CVE-2024-27037
In the Linux kernel, the following vulnerability has been resolved: clk: zynq: Prevent null pointer dereference caused by kmalloc failure The kmalloc in zynqclksetup will return null if the physical memory has run out. As a result, if we use snprintf to write data to the null address, the null...
CVE-2024-27037 clk: zynq: Prevent null pointer dereference caused by kmalloc failure
In the Linux kernel, the following vulnerability has been resolved: clk: zynq: Prevent null pointer dereference caused by kmalloc failure The kmalloc in zynqclksetup will return null if the physical memory has run out. As a result, if we use snprintf to write data to the null address, the null...
PYSEC-2024-39
Versions of the package fastecdsa before 2.3.2 are vulnerable to Use of Uninitialized Variable on the stack, via the curvemathmul function in src/curveMath.c, due to being used and interpreted as user-defined type. Depending on the variable's actual value it could be arbitrary free, arbitrary...
PT-2024-18918 · Fastecdsa · Fastecdsa
Name of the Vulnerable Software and Affected Versions: fastecdsa versions prior to 2.3.2 Description: The issue is related to the use of an uninitialized variable on the stack, specifically via the curvemath mul function in src/curveMath.c. This variable is used and interpreted as a user-defined...
CVE-2022-2949
Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to the use of uninitialized memory vulnerability during parsing of H3D files. A DWORD is extracted from an uninitialized buffer and, after sign extension, is used as an index into a stack variable to increment a counter leading...
CVE-2022-2950
Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to the use of uninitialized memory vulnerability during parsing of H3D files. A DWORD is extracted from an uninitialized buffer and, after sign extension, is used as an index into a stack variable to increment a counter leading...
Memory corruption
Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to the use of uninitialized memory vulnerability during parsing of H3D files. A DWORD is extracted from an uninitialized buffer and, after sign extension, is used as an index into a stack variable to increment a counter leading...
CVE-2022-2950
Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to the use of uninitialized memory vulnerability during parsing of H3D files. A DWORD is extracted from an uninitialized buffer and, after sign extension, is used as an index into a stack variable to increment a counter leading...
Mozilla Firefox < 101.0
The version of Firefox installed on the remote macOS or Mac OS X host is prior to 101.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-20 advisory. - Mozilla developers Gabriele Svelto, Timothy Nikkel, Randell Jesup, Jon Coppeard, and the Mozilla Fuzzing Tea...
CVE-2021-34587
In Bender/ebee Charge Controllers in multiple versions a long URL could lead to webserver crash. The URL is used as input of an sprintf to a stack variable...
Stack overflow
In Bender/ebee Charge Controllers in multiple versions a long URL could lead to webserver crash. The URL is used as input of an sprintf to a stack variable...