Headline
CVE-2021-34299
A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Tiff_loader.dll library in affected applications lacks proper validation of user-supplied data when parsing TIFF files. This could result in an out of bounds read past the end of an allocated buffer. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-13192)