CVE-2020-27486

Garmin Forerunner 235 before 8.20 is affected by: Buffer Overflow. The component is: ConnectIQ TVM. The attack vector is: To exploit the vulnerability, the attacker must upload a malicious ConnectIQ application to the ConnectIQ store. The ConnectIQ program interpreter trusts the string length...

CVE-2020-14936

Buffer overflows were discovered in Contiki-NG 4.4 through 4.5, in the SNMP agent. Functions parsing the OIDs in SNMP requests lack sufficient allocated target-buffer capacity verification when writing parsed OID values. The function snmpoiddecodeoid may overwrite memory areas beyond the provided...

CVE-2019-5609

In FreeBSD 12.0-STABLE before r350619, 12.0-RELEASE before 12.0-RELEASE-p9, 11.3-STABLE before r350619, 11.3-RELEASE before 11.3-RELEASE-p2, and 11.2-RELEASE before 11.2-RELEASE-p13, the bhyve e1000 device emulation used a guest-provided value to determine the size of the on-stack buffer without...

CVE-2019-2123

In execTransact of Binder.java in Android 7.1.1, 7.1.2, 8.0, 8.1, and 9, there is a possible local execution of arbitrary code in a privileged process due to a memory overwrite. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is no...

CVE-2013-0109

The NVIDIA driver before 307.78, and Release 310 before 311.00, in the NVIDIA Display Driver service on Windows does not properly handle exceptions, which allows local users to gain privileges or cause a denial of service memory overwrite via a crafted application...

CVE-2019-15879

In FreeBSD 12.1-STABLE before r356908, 12.1-RELEASE before p5, 11.3-STABLE before r356908, and 11.3-RELEASE before p9, a race condition in the cryptodev module permitted a data structure in the kernel to be used after it was freed, allowing an unprivileged process can overwrite arbitrary kernel...

Alibaba Cloud Linux 3 : 0018: php:7.4 (ALINUX3-SA-2023:0018)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2023:0018 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-21707: In PHP versions 7.3.x belo...

Alibaba Cloud Linux 3 : 0036: nginx:1.18 (ALINUX3-SA-2021:0036)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2021:0036 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-23017: A security issue in nginx resolver...

Huawei EulerOS: Security Advisory for uboot-tools (EulerOS-SA-2025-1540)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for uboot-tools (EulerOS-SA-2025-1541)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the nvJPEG2000 library in NVIDIA GPU graphics software allows a perpetrator to execute arbitrary code and rewrite data in the memory buffer.

The vulnerability of the nvJPEG2000 library in NVIDIA GPU graphics software relates to writing beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code and rewrite data in the memory buffer...

EulerOS 2.0 SP10 : uboot-tools (EulerOS-SA-2025-1541)

According to the versions of the uboot-tools packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An integer overflow in ext4fsreadsymlink in Das U-Boot before 2025.01-rc1 occurs for zalloc adding one to an le32 variable via a crafted ext4...

SUSE CVE-2023-53065

In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix perfoutputbegin parameter is incorrectly invoked in perfeventbpfoutput syzkaller reportes a KASAN issue with stack-out-of-bounds. The call trace is as follows: dumpstack+0x9c/0xd3...

CVE-2023-53065

In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix perfoutputbegin parameter is incorrectly invoked in perfeventbpfoutput syzkaller reportes a KASAN issue with stack-out-of-bounds. The call trace is as follows: dumpstack+0x9c/0xd3...

UBUNTU-CVE-2023-53065

In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix perfoutputbegin parameter is incorrectly invoked in perfeventbpfoutput syzkaller reportes a KASAN issue with stack-out-of-bounds. The call trace is as follows: dumpstack+0x9c/0xd3...

CVE-2023-53065 perf/core: Fix perf_output_begin parameter is incorrectly invoked in perf_event_bpf_output

In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix perfoutputbegin parameter is incorrectly invoked in perfeventbpfoutput syzkaller reportes a KASAN issue with stack-out-of-bounds. The call trace is as follows: dumpstack+0x9c/0xd3...

Amazon Linux 2 : python-pillow (ALAS-2025-2784)

The version of python-pillow installed on the remote host is prior to 2.0.0-23.gitd1c6db8. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2784 advisory. Buffer overflow in the ImagingLibTiffDecode function in libImaging/TiffDecode.c in Pillow before 3.1.1 allows...

Medium: python-pillow

Issue Overview: Buffer overflow in the ImagingLibTiffDecode function in libImaging/TiffDecode.c in Pillow before 3.1.1 allows remote attackers to overwrite memory via a crafted TIFF file. CVE-2016-0740 Affected Packages: python-pillow Note: This advisory is applicable to Amazon Linux 2 AL2 Core...

Linux Distros Unpatched Vulnerability : CVE-2023-52916

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: aspeed: Fix memory overwrite if timing is 1600x900 When capturing 1600x900, system could crash when system memory usage is tight. The way to reproduce th...

Linux Distros Unpatched Vulnerability : CVE-2021-23017

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory...