CVE-2022-47384 CODESYS: Multiple products prone to stack based out-of-bounds write

An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution...

CVE-2021-46764

Improper validation of DRAM addresses in SMU may allow an attacker to overwrite sensitive memory locations within the ASP potentially resulting in a denial of service...

CVE-2021-46775

Improper input validation in ABL may enable an attacker with physical access, to perform arbitrary memory overwrites, potentially leading to a loss of integrity and code execution...

PT-2023-12584 · Abl · Abl

Name of the Vulnerable Software and Affected Versions: ABL affected versions not specified Description: The issue is related to improper input validation in ABL, which may allow an attacker with physical access to perform arbitrary memory overwrites. This could potentially lead to a loss of...

PT-2023-12578 · Amd · 2Nd Gen Amd Epyc™ +41

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue involves improper validation of DRAM addresses in SMU, which may allow an attacker to overwrite sensitive memory locations within the ASP,...

CVE-2023-21498

Improper input validation vulnerability in setPartnerTAInfo in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to overwrite the trustlet memory...

PT-2023-18252 · Unknown · Mpos Tui Trustlet

Name of the Vulnerable Software and Affected Versions: mPOS TUI trustlet versions prior to SMR May-2023 Release 1 Description: The issue is related to improper input validation in the setPartnerTAInfo function, which allows local attackers to overwrite the trustlet memory. Recommendations: For...

CVE-2023-21498

Improper input validation vulnerability in setPartnerTAInfo in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to overwrite the trustlet memory...

CVE-2023-21498

CVE-2023-21498 concerns Samsung’s mPOS TUI trustlet. The vulnerability is an improper input validation flaw in the function setPartnerTAInfo, which can allow a local attacker to overwrite trustlet memory. The issue is addressed in the SMR May-2023 Release 1 or later (per multiple sources in the c...

SiLabs Z-Wave over IP Gateway 安全漏洞

The SiLabs Z-Wave over IP Gateway is a hardware unit that plugs into a Wi-Fi router and is used to add and configure Z-Wave devices as well as create and run "scenarios". A security vulnerability exists in the SiLabs Z-Wave over IP Gateway that originates from intrusive physical access that could...

PT-2023-4342 · 3S Smart Software Solutions · Codesys

Name of the Vulnerable Software and Affected Versions: CODESYS products affected versions not specified Description: The issue is related to an out-of-bounds write vulnerability that can be exploited by an authenticated, remote attacker to write data into memory. This can lead to a...

Debian: Security Advisory (DLA-493-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-647-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

K02825271: Linux kernel vulnerability CVE-2017-13166

Security Advisory Description An elevation of privilege vulnerability in the kernel v4l2 video driver. Product: Android. Versions: Android kernel. Android ID A-34624167. CVE-2017-13166 Impact This flaw could be exploited by an attacker to overwrite a kernel memory from an unprivileged userspace...

K47009044: FreeBSD vulnerability CVE-2016-1887

Security Advisory Description Integer signedness error in the sockargs function in sys/kern/uipcsyscalls.c in FreeBSD 10.1 before p34, 10.2 before p17, and 10.3 before p3 allows local users to cause a denial of service memory overwrite and kernel panic or gain privileges via a negative buflen...

K65280235: Linux vulnerability CVE-2021-42252

Security Advisory Description An issue was discovered in aspeedlpcctrlmmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux kernel before 5.14.6. Local attackers able to access the Aspeed LPC control interface could overwrite memory in the kernel and potentially execute privileges, aka...

K84341091: Apache2 vulnerability CVE-2019-10081

Security Advisory Description HTTP/2 2.4.20 through 2.4.39 very early pushes, for example configured with "H2PushResource", could lead to an overwrite of memory in the pushing request's pool, leading to crashes. The memory copied is that of the configured push link header values, not data supplie...

SUSE CVE-2005-3962

Integer overflow in the format string functionality Perlsvvcatpvfn in Perl 5.9.2 and 5.8.6 Perl allows attackers to overwrite arbitrary memory and possibly execute arbitrary code via format string specifiers with large values, which causes an integer wrap and leads to a buffer overflow, as...

SUSE CVE-2006-3082

parse-packet.c in GnuPG gpg 1.4.3 and 1.9.20, and earlier versions, allows remote attackers to cause a denial of service gpg crash and possibly overwrite memory via a message packet with a large length long user ID string, which could lead to an integer overflow, as demonstrated using the...

SUSE CVE-2006-6499

The jsdtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 overwrites memory instead of exiting when the floating point precision is reduced, which allows remote attackers to cause a denial of service via any plugins tha...