Grok up to 9.2.0 apply_palette_clr heap-based overflow

A vulnerability, which was classified as critical, was found in Grok up to 9.2.0. Affected is the function grk::FileFormatDecompress::apply_palette_clr. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2024-47480 : DELL INVENTORY COLLECTOR CLIENT UP TO 12.6.X SYMLINK

CVE-2024-47480 : DELL INVENTORY COLLECTOR CLIENT UP TO 12.6.X SYMLINK

Description Dell Inventory Collector Client, versions prior to 12.7.0, contains an Improper Link Resolution Before File Access vulnerability. A low-privilege

CVE-2024-49820 : IBM SECURITY GUARDIUM KEY LIFECYCLE MANAGER 4.1/4.1.1/4.2.0/4.2.1 CLEARTEXT TRANSMISSION

CVE-2024-49820 : IBM SECURITY GUARDIUM KEY LIFECYCLE MANAGER 4.1/4.1.1/4.2.0/4.2.1 CLEARTEXT TRANSMISSION

Description IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 could allow a remote attacker to obtain sensitive

CVE-2024-53144 : LINUX KERNEL UP TO 6.1.112/6.6.54/6.10.13/6.11.2 HCI_EVENT PRIVILEGE ESCALATION

CVE-2024-53144 : LINUX KERNEL UP TO 6.1.112/6.6.54/6.10.13/6.11.2 HCI_EVENT PRIVILEGE ESCALATION

Description In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE This