The vulnerability of the h5tools_str_sprint function (/hdf5/tools/lib/h5tools_str.c) in the hdf5-file viewing program h5dump from the HDF5 library allows a attacker to cause a service failure.

The vulnerability of the h5toolsstrsprint function /hdf5/tools/lib/h5toolsstr.c in the hdf5 file viewer program h5dump from the HDF5 library is related to buffer overflow in dynamic memory. Exploiting this vulnerability could allow an attacker to cause a service failure...

Apple releases emergency updates for two known-to-be-exploited vulnerabilities

On Friday April 7, 2023, Apple released iOS 16.4.1, iPadOS 16.4.1, and macOS 13.3.1 for the iPhone, iPad, and Mac, respectively, and our advice is to install them as soon as possible because all three updates include important security fixes. The Cybersecurity and Infrastructure Security Agency...

The vulnerability of Adobe Dimension’s 3D design software lies in buffer overflows in dynamic memory, allowing attackers to execute arbitrary code.

The vulnerability of Adobe Dimension’s 3D design software relates to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

The vulnerability of Adobe Dimension’s 3D design software lies in buffer overflows in dynamic memory, allowing attackers to execute arbitrary code.

The vulnerability of Adobe Dimension’s 3D design software relates to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

The vulnerability of Adobe Dimension’s 3D design software lies in buffer overflows in dynamic memory, allowing attackers to execute arbitrary code.

The vulnerability of Adobe Dimension’s 3D design software relates to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

The vulnerability of Adobe Dimension’s 3D design software lies in buffer overflows in dynamic memory, allowing attackers to execute arbitrary code.

The vulnerability of Adobe Dimension’s 3D design software relates to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

The vulnerability of the Substance 3D Stager software lies in its susceptibility to buffer overflows in dynamic memory, allowing attackers to execute arbitrary code.

The vulnerability of the Substance 3D Stager software lies in the overflow of memory buffer in dynamic memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file...

The vulnerability of the Substance 3D Stager software lies in its susceptibility to buffer overflows in dynamic memory, allowing attackers to execute arbitrary code.

The vulnerability of the Substance 3D Stager software lies in the overflow of memory buffer in dynamic memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file...

The vulnerability of the Substance 3D Stager software lies in its susceptibility to buffer overflows in dynamic memory, allowing attackers to execute arbitrary code.

The vulnerability of the Substance 3D Stager software lies in the overflow of memory buffer in dynamic memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file...

The vulnerability of the Substance 3D Stager software lies in its susceptibility to buffer overflows in dynamic memory, allowing attackers to execute arbitrary code.

The vulnerability of the Substance 3D Stager software lies in the overflow of memory buffer in dynamic memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file...

The vulnerability of the Adobe Animate software for creating multimedia and computer animations lies in a buffer overflow in dynamic memory, allowing an attacker to execute arbitrary code.

The vulnerability of the Adobe Animate software for creating multimedia and computer animations is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially crafted file...

CVE-2023-26257

An issue was discovered in the Connected Vehicle Systems Alliance COVESA; formerly GENIVI dlt-daemon through 2.18.8. Dynamic memory is not released after it is allocated in dlt-control-common.c...

Design/Logic Flaw

An issue was discovered in the Connected Vehicle Systems Alliance COVESA; formerly GENIVI dlt-daemon through 2.18.8. Dynamic memory is not released after it is allocated in dlt-control-common.c...

SUSE CVE-2021-42114

Modern DRAM devices PC-DDR4, LPDDR4X are affected by a vulnerability in their internal Target Row Refresh TRR mitigation against Rowhammer attacks. Novel non-uniform Rowhammer access patterns, consisting of aggressors with different frequencies, phases, and amplitudes allow triggering bit flips o...

The vulnerability of the Google Chrome browser’s WebUI user interface allows a hacker to execute arbitrary code.

The vulnerability of the WebUI user interface of Google Chrome is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially created HTML page...

The vulnerability of the pretty.c::format_and_padCommit() function, a formatting mechanism for Git’s distributed version control system, allows a hacker to execute arbitrary code.

The vulnerability of the pretty.c::formatandpadCommit function, a formatting mechanism for Git’s distributed version control system, is related to buffer overflows in dynamic memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code remotely...

The vulnerability of the Server Message Block Version 2 (SMB2) protocol implementation in the Snort intrusion detection system of Cisco Firepower Threat Defense (FTD), the Cisco Meraki MX network device management software, the Cisco Cyber Vision industrial network security control solution, and the Cisco Umbrella cloud security service allows a perpetrator to bypass security restrictions and cause service interruptions.

The vulnerability of the Server Message Block Version 2 SMB2 implementation in the Snort intrusion detection system of the Cisco Firepower Threat Defense FTD microprogramming network interface devices, the Cisco Meraki MX network devices, the Cisco Cyber Vision industrial network security control...

The vulnerability in the src/normal.c component of the text editor Vim allows a hacker to execute arbitrary code.

The vulnerability in the src/normal.c component of the Vim text editor is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

The vulnerability of PDF viewing and editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat Reader Document Cloud lies in buffer overflows in dynamic memory, allowing attackers to execute arbitrary code.

The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat Reader Document Cloud are related to buffer overflows in dynamic memory. Exploiting these vulnerabilities can allow attackers to execute arbitrary code...

The vulnerability of Adobe InDesign’s computer layout automation tool, related to buffer overflow in dynamic memory, allows attackers to execute arbitrary code.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to overflowing buffers in dynamic memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...