Lucene search

1102 matches found

Cvelist
added 2023/11/16 2:32 p.m. | 25 views

CVE-2023-44329 ZDI-CAN-21798: Adobe Bridge MP4 File Parsing Uninitialized Variable Information Disclosure Vulnerability

Adobe Bridge versions 13.0.4 and earlier and 14.0.0 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires...

CVSS 5.5 | AI score 5.3 | EPSS 0.00367
Exploits: 0 | References: 1

Cvelist
added 2023/11/16 2:32 p.m. | 20 views

CVE-2023-44327 ZDI-CAN-21793: Adobe Bridge MP4 File Uninitialized Variable Information Disclosure Vulnerability

Adobe Bridge versions 13.0.4 and earlier and 14.0.0 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires...

CVSS 5.5 | AI score 5.3 | EPSS 0.00367
Exploits: 0 | References: 1

Vulnrichment
added 2023/11/16 2:32 p.m. | 2 views

CVE-2023-44327 ZDI-CAN-21793: Adobe Bridge MP4 File Uninitialized Variable Information Disclosure Vulnerability

Adobe Bridge versions 13.0.4 and earlier and 14.0.0 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires...

CVSS 5.5 | AI score 6.3 | EPSS 0.00367
Exploits: 0 | References: 1

Vulnrichment
added 2023/11/16 9:52 a.m. | 8 views

CVE-2023-44365 ZDI-CAN-21931: Adobe Acrobat Reader DC Font Parsing Uninitialized Variable Remote Code Execution Vulnerability

Adobe Acrobat Reader versions 23.006.20360 and earlier and 20.005.30524 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a...

CVSS 7.8 | AI score 7 | EPSS 0.02044
Exploits: 0 | References: 1

Cvelist
added 2023/11/16 9:52 a.m. | 28 views

CVE-2023-44365 ZDI-CAN-21931: Adobe Acrobat Reader DC Font Parsing Uninitialized Variable Remote Code Execution Vulnerability

Adobe Acrobat Reader versions 23.006.20360 and earlier and 20.005.30524 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a...

CVSS 7.8 | AI score 7.8 | EPSS 0.02044
Exploits: 0 | References: 1

Zero Day Initiative
added 2023/11/15 12:00 a.m. | 22 views

Adobe Bridge MP4 File Parsing Uninitialized Variable Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

CVSS 3.3 | AI score 6.4 | EPSS 0.00367
Exploits: 0 | References: 1

Zero Day Initiative
added 2023/11/15 12:00 a.m. | 17 views

Adobe Audition MP4 File Parsing Uninitialized Variable Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Audition. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of MP4...

CVSS 7.8 | AI score 7.2 | EPSS 0.00339
Exploits: 0 | References: 1

RedHat Linux
added 2023/11/14 3:19 p.m. | 46 views

Low: Red Hat Security Advisory: qt5-qtsvg security update

An update for qt5-qtsvg is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the C...

CVSS 6.5 | AI score 6.7 | EPSS 0.00877
Exploits: 0 | References: 3

RedHat Linux
added 2023/11/14 3:19 p.m. | 3 views

qt: Uninitialized variable usage in m_unitsPerEm

A vulnerability was found in qt. The security flaw occurs due to uninitialized variable usage in m_unitsPerEm...

CVSS 6.5 | AI score 7.3 | EPSS 0.00877
Exploits: 0 | References: 4

OSV
added 2023/11/14 12:00 a.m. | 21 views

ALSA-2023:6961 Low: qt5-qtsvg security update

Scalable Vector Graphics (SVG) is an XML-based language for describing two-dimensional vector graphics. Qt provides classes for rendering and displaying SVG drawings in widgets and on other paint devices. Security Fixes: qt: Uninitialized variable usage in m_unitsPerEm (CVE-2023-32573). For more detail...

CVSS 6.5 | AI score 6.7 | EPSS 0.00877
Exploits: 0 | References: 4

AlmaLinux
added 2023/11/14 12:00 a.m. | 33 views

Low: qt5-qtsvg security update

Scalable Vector Graphics (SVG) is an XML-based language for describing two-dimensional vector graphics. Qt provides classes for rendering and displaying SVG drawings in widgets and on other paint devices. Security Fixes: qt: Uninitialized variable usage in m_unitsPerEm (CVE-2023-32573). For more detail...

CVSS 6.5 | AI score 7 | EPSS 0.00877
Exploits: 0 | References: 4

RedHat Linux
added 2023/11/07 8:52 a.m. | 3 views

qt: Uninitialized variable usage in m_unitsPerEm

A vulnerability was found in qt. The security flaw occurs due to uninitialized variable usage in m_unitsPerEm...

CVSS 6.5 | AI score 7.3 | EPSS 0.00877
Exploits: 0 | References: 4

RedHat Linux
added 2023/11/07 8:52 a.m. | 34 views

Moderate: Red Hat Security Advisory: qt5 security and bug fix update

An update for the qt5 stack is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...

CVSS 7.5 | AI score 6.8 | EPSS 0.01324
Exploits: 1 | References: 37

OSV
added 2023/11/07 12:00 a.m. | 29 views

ALSA-2023:6369 Moderate: qt5 security and bug fix update

Qt is a software toolkit for developing applications. Security Fixes: qt: buffer over-read via a crafted reply from a DNS server (CVE-2023-33285); qt: allows remote attacker to bypass security restrictions caused by flaw in certificate validation (CVE-2023-34410); qtbase: buffer overflow in...

CVSS 7.5 | AI score 7.3 | EPSS 0.01324
Exploits: 1 | References: 12

Tenable Nessus
added 2023/11/07 12:00 a.m. | 28 views

Rocky Linux 8 : wavpack (RLSA-2020:1581)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:1581 advisory. - The function WavpackPackInit in packutils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service resource exhaustion...

CVSS 6.5 | AI score 5.8 | EPSS 0.03044
Exploits: 5 | References: 13

AlmaLinux
added 2023/11/07 12:00 a.m. | 41 views

Moderate: qt5 security and bug fix update

Qt is a software toolkit for developing applications. Security Fixes: qt: buffer over-read via a crafted reply from a DNS server (CVE-2023-33285); qt: allows remote attacker to bypass security restrictions caused by flaw in certificate validation (CVE-2023-34410); qtbase: buffer overflow in...

CVSS 7.5 | AI score 7.7 | EPSS 0.01324
Exploits: 1 | References: 12

BDU FSTEC
added 2023/11/02 12:00 a.m. | 5 views

The vulnerability of the Routing Protocol Daemon (RPD) in Juniper Networks’ Junos OS and Juniper Networks’ Junos OS Evolved operating systems allows an attacker to cause a service failure.

The vulnerability of the Routing Protocol Daemon (RPD) in Juniper Networks’ Junos OS and Juniper Networks’ Junos OS Evolved operating systems is related to the use of an uninitialized variable. Exploiting this vulnerability can allow attackers to cause service failures...

CVSS 4.7 | AI score 6.3 | EPSS 0.00152
Exploits: 0 | References: 3 | Affected Software: 2

UbuntuCve
added 2023/10/31 12:00 a.m. | 25 views

CVE-2023-46361

Artifex Software jbig2dec v0.20 was discovered to contain a SEGV vulnerability via jbig2_error at /jbig2dec/jbig2.c...

CVSS 6.5 | AI score 6.6 | EPSS 0.00753
Exploits: 1 | References: 2

NVD
added 2023/10/21 12:15 a.m. | 13 views

CVE-2023-45667

stb_image is a single file MIT licensed library for processing images. If stbi__load_gif_main in stbi_load_gif_from_memory fails it returns a null pointer and may keep the z variable uninitialized. In case the caller also sets the flip vertically flag, it continues and calls stbi__vertical_flip_slices with th...

CVSS 7.5 | AI score 6.7 | EPSS 0.01137
Exploits: 0 | References: 6

UbuntuCve
added 2023/10/21 12:15 a.m. | 16 views

CVE-2023-45667

stb_image is a single file MIT licensed library for processing images. If stbi__load_gif_main in stbi_load_gif_from_memory fails it returns a null pointer and may keep the z variable uninitialized. In case the caller also sets the flip vertically flag, it continues and calls stbi__vertical_flip_slices with th...

CVSS 7.5 | AI score 6.8 | EPSS 0.01137
Exploits: 0 | References: 4