537 matches found
PT-2024-2778 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to a security-feature bypass vulnerability in the implementation of the Secure Boot protocol in Windows operating systems. It is caused by a buffer overflow in memory,...
The vulnerability of thejq programming language lies in its ability to write data beyond the buffer boundaries in memory, which allows attackers to trigger a service failure.
The vulnerability of the JQ programming language lies in the overflow of the stack buffer in distributions that use decNumber. Exploiting this vulnerability can allow an attacker to cause a service failure...
CVE-2024-21913 Rockwell Automation Arena Simulation Vulnerable To Memory Corruption
A heap-based memory buffer overflow vulnerability in Rockwell Automation Arena Simulation software could potentially allow a malicious user to insert unauthorized code into the software by overstepping the memory boundaries, which triggers an access violation. Once inside, the threat actor can ru...
The vulnerability of the professional video editing software Adobe Premiere Pro, related to recording data beyond the buffer limit in memory, allows a hacker to execute arbitrary code.
The vulnerability of the professional video editing software Adobe Premiere Pro lies in the recording of data beyond the buffer limits in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code within the context of the current user...
The vulnerability of the WDAC OLE DB driver for SQL Server on Windows operating systems allows a hacker to execute arbitrary code.
The vulnerability of the WDAC OLE DB driver for SQL Server on Windows operating systems is related to buffer overflows in dynamic memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of the microprogramming software in the BIOS of Dell PowerEdge servers and Dell Precision Rack workstations allows a intruder to gain unauthorized access to protected information.
The vulnerability of the BIOS software on Dell PowerEdge servers and Dell Precision Rack workstations relates to the writing of data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...
Advisory ROSA-SA-2024-2373
Software: pixman 0.38.4 OS: ROSA Virtualization 2.1 packageevrstring: pixman-0.38.4.src.rpm CVE-ID: CVE-2022-44638 BDU-ID: 2022-06667 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the rasterizeedges8 function of the Pixman library is related to the ability to write beyond buffer boundaries in...
The vulnerability of the WDAC OLE DB driver for SQL Server on Windows operating systems allows a hacker to execute arbitrary code.
The vulnerability of the WDAC OLE DB driver for SQL Server on Windows operating systems is related to buffer overflows in dynamic memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
CVE-2024-25629
c-ares is a C library for asynchronous DNS requests. aresreadline is used to parse local configuration files such as /etc/resolv.conf, /etc/nsswitch.conf, the HOSTALIASES file, and if using a c-ares version prior to 1.27.0, the /etc/hosts file. If any of these configuration files has an embedded...
The vulnerability of the LLVM component of the macOS operating system, allowing a hacker to execute arbitrary code
The vulnerability of the LLVM component of the macOS operating system relates to the execution of operations outside of the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the 3D model texturing program Adobe Substance 3D Painter, related to the occurrence of operations outside the buffer boundaries in memory, allows attackers to disclose protected information.
The vulnerability of the 3D model texturing software Adobe Substance 3D Painter lies in the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow attackers to disclose protected information...
The vulnerability of the Substance 3D Sampler software for creating textures and materials for 3D models lies in the ability to write data beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.
The vulnerability of the Substance 3D Sampler software for creating textures and materials for 3D models lies in the writing of data beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file...
The vulnerability of Rockwell Automation’s programmable logic controllers ControlLogix, related to the execution of operations outside the buffer boundaries in memory, allows a hacker to trigger a malfunction during maintenance.
The vulnerability of Rockwell Automation’s programmable logic controllers ControlLogix lies in the fact that the output data may escape from memory into the operating system. Exploiting this vulnerability could allow a malicious actor to cause malfunctions during operation...
The vulnerability of the put_unweighted_pred_16_fallback() function in the h.265 Libde265 implementation allows a hacker to trigger a service failure.
The vulnerability of the putunweightedpred16fallback function in the h.265 Libde265 implementation is related to the output of the operation being stored in memory beyond the buffer boundaries. Exploiting this vulnerability could allow a malicious actor to trigger a service failure using a...
The vulnerability of the microprogramming software of AMI MegaRAC SP-X controllers allows a perpetrator to compromise the confidentiality, integrity, and accessibility of data.
The vulnerability of the microprogramming software of AMI MegaRAC SP-X controllers related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of data...
The vulnerability of the libxml2 library in operating systems macOS, iOS, and iPadOS allows attackers to trigger a service failure.
The vulnerability of the libxml2 library in operating systems such as macOS, iOS, and iPadOS is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...
The vulnerability of the Host KVM Daemon on the BMC – Baseboard Management Controller of the NVIDIA DGX A100 server allows a attacker to gain access to read, modify, or delete data, execute arbitrary code, or cause a service failure.
The vulnerability of the NVIDIA DGX A100 server’s Host KVM Daemon, a device management controller, lies in the fact that operation data is written outside of the buffer in memory. Exploiting this vulnerability allows an attacker to gain access to read, modify, or delete data, execute arbitrary...
CVE-2023-6334
HYPR Workforce Access for Windows is affected by CVE-2023-6334 due to an improper restriction of operations within a memory buffer, leading to a buffer overflow. Affected product: HYPR Workforce Access (Windows); vulnerable component/condition: operations within a memory buffer not properly restr...
The vulnerability of Siemens Solid Edge’s design and simulation tools relates to writing beyond buffer boundaries in memory, allowing a malicious actor to execute arbitrary code.
The vulnerability of Siemens Solid Edge’s design and simulation tools relates to the writing of code beyond buffer boundaries in memory. Exploiting this vulnerability can allow attackers to execute arbitrary code using specially crafted PAR files...
The vulnerability of Siemens Solid Edge’s design and simulation tools relates to writing beyond buffer boundaries in memory, allowing a hacker to execute arbitrary code.
The vulnerability of Siemens Solid Edge’s design and simulation tools relates to the writing of code beyond buffer boundaries in memory. Exploiting this vulnerability can allow attackers to execute arbitrary code using specially crafted PAR files...