CVE-2023-31194

An improper array index validation vulnerability exists in the GraphPlanar::Write functionality of Diagon v1.0.139. A specially crafted markdown file can lead to memory corruption. A victim would need to open a malicious file to trigger this vulnerability...

EUVD-2023-35510

Malicious code in bioql PyPI...

EUVD-2023-31166

Malicious code in bioql PyPI...

CVE-2023-27390

A heap-based buffer overflow vulnerability exists in the Sequence::DrawText functionality of Diagon v1.0.139. A specially crafted markdown file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability...

Memory corruption vulnerability in Microsoft Edge; MilesightVPN and router could be taken over

Since the beginning of July, Cisco Talos has published 40 vulnerability advisories affecting a range of software and hardware, including the Microsoft Edge browser. In our new series called "Vulnerability Roundup," well be recapping the vulnerabilities we recently disclosed to provide readers wit...

CVE-2023-31194

An improper array index validation vulnerability exists in the GraphPlanar::Write functionality of Diagon v1.0.139. A specially crafted markdown file can lead to memory corruption. A victim would need to open a malicious file to trigger this vulnerability...

CVE-2023-31194

An improper array index validation vulnerability exists in the GraphPlanar::Write functionality of Diagon v1.0.139. A specially crafted markdown file can lead to memory corruption. A victim would need to open a malicious file to trigger this vulnerability...

Heap overflow

A heap-based buffer overflow vulnerability exists in the Sequence::DrawText functionality of Diagon v1.0.139. A specially crafted markdown file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability...

CVE-2023-27390

A heap-based buffer overflow vulnerability exists in the Sequence::DrawText functionality of Diagon v1.0.139. A specially crafted markdown file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability...

CVE-2023-27390

A heap-based buffer overflow vulnerability exists in the Sequence::DrawText functionality of Diagon v1.0.139. A specially crafted markdown file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability...

CVE-2023-27390

Diagon v1.0.139 contains a heap-based buffer overflow in Sequence::DrawText that can lead to arbitrary code execution when processing a specially crafted Markdown file. Talos-TALOS-2023-1744 confirms the vulnerable version and describes the path where DrawText writes text to the Screen buffer, en...

CVE-2023-31194

An improper array index validation vulnerability exists in the GraphPlanar::Write functionality of Diagon v1.0.139. A specially crafted markdown file can lead to memory corruption. A victim would need to open a malicious file to trigger this vulnerability...

CVE-2023-31194

An improper array index validation vulnerability exists in the GraphPlanar::Write functionality of Diagon v1.0.139. A specially crafted markdown file can lead to memory corruption. A victim would need to open a malicious file to trigger this vulnerability...

CVE-2023-31194

Diagon v1.0.139 contains a memory corruption vulnerability in GraphPlanar::Write triggered by specially crafted Markdown input, caused by improper array/index handling during graph processing. Talos detail shows the flaw can lead to segmentation faults or memory corruption when constructing and o...

PT-2023-21093 · Diagon · Diagon

Name of the Vulnerable Software and Affected Versions: Diagon version 1.0.139 Description: A heap-based buffer overflow vulnerability exists in the Sequence::DrawText functionality. This issue can be triggered by a specially crafted markdown file or network request, potentially leading to arbitra...

Diagon Sequence::DrawText heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2023-1744 Diagon Sequence::DrawText heap-based buffer overflow vulnerability July 5, 2023 CVE Number CVE-2023-27390 SUMMARY A heap-based buffer overflow vulnerability exists in the Sequence::DrawText functionality of Diagon v1.0.139. A specially crafted markdown...

Diagon 缓冲区错误漏洞

Diagon is an interactive interpreter from the individual developer Arthur Sonzogni in France. A buffer error vulnerability exists in Diagon version v1.0.139, which stems from the presence of a heap-based buffer overflow vulnerability that can be triggered by an attacker sending a network request...

Diagon 输入验证错误漏洞

Diagon is an interactive interpreter from the individual developer Arthur Sonzogni in France. An input validation error vulnerability exists in Diagon version v1.0.139, which stems from the presence of an access conflict vulnerability, where a specially crafted network request could result in a...

PT-2023-23220 · Diagon · Diagon

Name of the Vulnerable Software and Affected Versions: Diagon version 1.0.139 Description: An issue exists in the GraphPlanar::Write functionality of Diagon. A specially crafted input, such as a markdown file or a network request, can lead to memory corruption or a heap buffer overflow. This can ...

Diagon GraphPlanar::Write improper array index validation vulnerability

Talos Vulnerability Report TALOS-2023-1745 Diagon GraphPlanar::Write improper array index validation vulnerability July 5, 2023 CVE Number CVE-2023-31194 SUMMARY An improper array index validation vulnerability exists in the GraphPlanar::Write functionality of Diagon v1.0.139. A specially crafted...