The vulnerability of Siemens Solid Edge’s design and simulation tools relates to the execution of operations beyond the buffer boundaries in memory. This allows attackers to execute arbitrary code.

The vulnerability of Siemens Solid Edge’s design and simulation tools relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code using specially crafted DFT files...

The vulnerability of Siemens Solid Edge’s design and simulation tools relates to the execution of operations beyond the buffer boundaries in memory. This allows attackers to execute arbitrary code.

The vulnerability of Siemens Solid Edge’s design and simulation tools relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code using specially crafted DFT files...

The vulnerability of Siemens Solid Edge’s design and simulation tools relates to the execution of operations beyond the buffer boundaries in memory. This allows attackers to execute arbitrary code.

The vulnerability of Siemens Solid Edge’s design and simulation tools relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code using specially crafted DFT files...

The vulnerability of the XFRM subsystem in the Linux operating system allows a hacker to gain access to protected information.

The vulnerability of the XFRM subsystem in the Linux operating system is related to reading memory beyond the boundaries of the allocated buffer in the net/xfrm/xfrmuser.c module. Exploiting this vulnerability can allow an attacker to gain access to protected information...

The vulnerability of the xfrm_state_walk_done() function in the net/xfrm/xfrm_user.c module of the XFRM subsystem in the Linux operating system allows a attacker to compromise the integrity, confidentiality, or accessibility of data, or to enhance their privileges.

The vulnerability of the xfrmstatewalkdone function in the net/xfrm/xfrmuser.c module of the XFRM subsystem in the Linux operating system is related to the use of uninitialized variables. Exploiting this vulnerability could allow an attacker to compromise the integrity, confidentiality, or...

kernel: xfrm_expand_policies() in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice

A flaw was found in the Linux kernel’s IP framework for transforming packets XFRM subsystem. An error while resolving policies in xfrmbundlelookup causes the refcount to drop twice, leading to a possible crash and a denial of service...

kernel: race condition in xfrm_probe_algs can lead to OOB read/write

A race condition was found in the Linux kernel's IP framework for transforming packets XFRM subsystem when multiple calls to xfrmprobealgs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an...

kernel: xfrm_expand_policies() in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice

A flaw was found in the Linux kernel’s IP framework for transforming packets XFRM subsystem. An error while resolving policies in xfrmbundlelookup causes the refcount to drop twice, leading to a possible crash and a denial of service...

kernel: race condition in xfrm_probe_algs can lead to OOB read/write

A race condition was found in the Linux kernel's IP framework for transforming packets XFRM subsystem when multiple calls to xfrmprobealgs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an...

MAL-2023-878 Malicious code in the-universe-has-your-back-transform-fear-to-faith-by-gabrielle-bernstein-on-iphone-full-pages- (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bd2dda2348af7d4384cb9a35d0387e5b87503b49779170d897bca656ab712b0e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

kernel: xfrm: fix refcount leak in __xfrm_policy_check()

A flaw was found in the XFRM subsystem in the Linux kernel. A missing decrement of the reference count when an error occurs will cause a memory leak, potentially impacting system performance and resulting in a denial of service...

kernel: xfrm_expand_policies() in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice

A flaw was found in the Linux kernel’s IP framework for transforming packets XFRM subsystem. An error while resolving policies in xfrmbundlelookup causes the refcount to drop twice, leading to a possible crash and a denial of service...

CVE-2022-25244

A flaw was found in HashiCorp Vault Enterprise. This flaw allows a remote, authenticated attacker to obtain sensitive information caused by a vulnerability in the tokenization transform feature. A remote attacker can obtain the tokenization key by sending a specially-crafted request...

SUSE CVE-2007-0127

The Javascript SVG support in Opera before 9.10 does not properly validate object types in a createSVGTransformFromMatrix request, which allows remote attackers to execute arbitrary code via JavaScript code that uses an invalid object in this request that causes a controlled pointer to be...

SUSE CVE-2009-0945

Array index error in the insertItemBefore method in WebKit, as used in Apple Safari before 3.2.3 and 4 Public Beta, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome Stable before 1.0.154.65, and possibly other products allows remote attackers to execute...

SUSE CVE-2011-1425

xslt.c in XML Security Library aka xmlsec before 1.2.17, as used in WebKit and other products, when XSLT is enabled, allows remote attackers to create or overwrite arbitrary files via vectors involving the libxslt output extension and a ds:Transform element during signature verification...

SUSE CVE-2013-6412

The transformsave function in transform.c in Augeas 1.0.0 through 1.1.0 does not properly calculate the permission values when the umask contains a "7," which causes world-writable permissions to be used for new files and allows local users to modify the files via unspecified vectors...

SUSE CVE-2015-0254

Apache Standard Taglibs before 1.2.3 allows remote attackers to execute arbitrary code or conduct external XML entity XXE attacks via a crafted XSLT extension in a 1 or 2 JSTL XML tag...

SUSE CVE-2015-8662

The ffdwtdecode function in libavcodec/jpeg2000dwt.c in FFmpeg before 2.8.4 does not validate the number of decomposition levels before proceeding with Discrete Wavelet Transform decoding, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have...

SUSE CVE-2015-8897

The SpliceImage function in MagickCore/transform.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service application crash via a crafted png file...