20 matches found
EUVD-2025-206281
Espressif ESP-IDF USB Host HID Human Interface Device Driver allows access to HID devices. Prior to 1.1.0, calls to hidhostdeviceclose can free the same usbtransfert twice. The USB event callback and user code share the hidifacet state without locking, so both can tear down a READY interface...
EUVD-2015-3353
Malicious code in bioql PyPI...
CBL Mariner 2.0 Security Update: grub2 (CVE-2023-4692)
The version of grub2 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-4692 advisory. - An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. This issue May allow an attacker to...
EulerOS Virtualization 2.11.1 : grub2 (EulerOS-SA-2024-1399)
According to the versions of the grub2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. This issue may allow an attacker to present a specially...
EulerOS Virtualization 2.10.1 : grub2 (EulerOS-SA-2024-1358)
According to the versions of the grub2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. This issue may allow an attacker to present a specially...
EulerOS 2.0 SP5 : grub2 (EulerOS-SA-2024-1141)
According to the versions of the grub2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. This issue may allow an attacker to present a specially crafted NTFS...
EulerOS 2.0 SP11 : grub2 (EulerOS-SA-2023-3272)
According to the versions of the grub2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. This issue may allow an attacker to present a specially crafted NTFS...
Low: grub2
Issue Overview: No CVE associated with this advisory Affected Packages: grub2 Issue Correction: Run dnf update grub2 --releasever 2023.2.20231030 or dnf update --advisory ALAS2023-2023-408 --releasever 2023.2.20231030 to update your system. More information on how to update your system can be fou...
CVE-2023-4692
An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. This issue may allow an attacker to present a specially crafted NTFS filesystem image, leading to grub's heap metadata corruption. In some circumstances, the attack may also corrupt the UEFI firmware heap metadata. As a...
SUSE CVE-2023-4692
An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. This issue may allow an attacker to present a specially crafted NTFS filesystem image, leading to grub's heap metadata corruption. In some circumstances, the attack may also corrupt the UEFI firmware heap metadata. As a...
CVE-2023-4692
An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. This issue may allow an attacker to present a specially crafted NTFS filesystem image, leading to grub's heap metadata corruption. In some circumstances, the attack may also corrupt the UEFI firmware heap metadata. As a...
K07052904: PHP vulnerability CVE-2015-3307
Security Advisory Description The pharparsemetadata function in ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service heap metadata corruption or possibly have unspecified other impact via a crafted tar archive...
SUSE CVE-2015-3307
The pharparsemetadata function in ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service heap metadata corruption or possibly have unspecified other impact via a crafted tar archive...
Nvidia NVIDIA MB2 缓冲区错误漏洞
Nvidia NVIDIA MB2 is a component of Nvidia Corporation, USA. A security vulnerability exists in NVIDIA MB2 that stems from a boot loader containing a vulnerability in NVIDIA MB2, where a potential heap overflow could result in heap metadata corruption. An attacker can exploit the vulnerability to...
Nvidia NVIDIA MB2 缓冲区错误漏洞
Nvidia NVIDIA MB2 is a component of Nvidia Corporation, USA. A security vulnerability exists in NVIDIA MB2 that stems from a boot loader containing a vulnerability in NVIDIA MB2, where a potential heap overflow could result in heap metadata corruption. An attacker can exploit the vulnerability to...
Nvidia NVIDIA MB2 缓冲区错误漏洞
Nvidia NVIDIA MB2 is a component of Nvidia Corporation, USA. NVIDIA MB2 suffers from a buffer error vulnerability that stems from the boot loader containing a vulnerability in NVIDIA MB2, where a potential heap overflow could result in heap metadata corruption. An attacker could exploit the...
CVE-2016-8728
An exploitable heap out of bounds write vulnerability exists in the Fitz graphical library part of the MuPDF renderer. A specially crafted PDF file can cause a out of bounds write resulting in heap metadata and sensitive process memory corruption leading to potential code execution. Victim needs ...
CVE-2016-8728
An exploitable heap out of bounds write vulnerability exists in the Fitz graphical library part of the MuPDF renderer. A specially crafted PDF file can cause a out of bounds write resulting in heap metadata and sensitive process memory corruption leading to potential code execution. Victim needs ...
CVE-2015-3307
The pharparsemetadata function in ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service heap metadata corruption or possibly have unspecified other impact via a crafted tar archive...
CVE-2015-3307
The pharparsemetadata function in ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service heap metadata corruption or possibly have unspecified other impact via a crafted tar archive...