The vulnerability of Adobe Illustrator’s graphic editor, related to reading data beyond the buffer in memory, allows attackers to exploit this to disclose protected information.

The vulnerability of Adobe Illustrator graphic editor is related to reading data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to disclose protected information...

The vulnerability of the Adobe InCopy text creation and editing software lies in the reading of data outside the buffer in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the Adobe InCopy text creation and editing software relates to the reading of data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code using a specially created SVG file...

The vulnerability of the Adobe Bridge file manager, related to writing beyond the buffer boundaries in memory, allows a hacker to execute arbitrary code.

The vulnerability of the Adobe Bridge file manager is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created malicious file...

The vulnerability of Adobe InDesign’s computer layout automation tool, related to reading beyond the buffer in memory, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to reading data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information by opening a specially created file...

The vulnerability of the Rizin command-line tool set relates to the execution of operations beyond the buffer in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the Rizin command-line tool set is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

Altair HyperView Player

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Altair Equipment: HyperView Player Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Use of Uninitialized Resource, Improper Validation of Array Index 2. RISK EVALUATION Successful...

PT-2022-5402 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Microsoft Windows affected versions not specified Description: The issue is related to a privilege escalation vulnerability in the Microsoft Windows COM+ Event System Service. It is caused by a buffer overflow in memory, which can be exploite...

The vulnerability of the swtpm TPM emulator, related to reading beyond the buffer in memory, allows a malicious actor to trigger a service failure.

The vulnerability of the swtpm TPM emulator is related to reading beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the pre-processing processor Simcenter Femap, caused by overflow in the dynamic memory buffer, allows a hacker to execute arbitrary code.

The vulnerability of the pre-processing processor Simcenter Femap arises due to an overflow in the buffer in the dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code as a result of analyzing specially created .NEU files...

uClibC and uClibC-ng libpthread linuxthreads memory corruption vulnerabilities

Talos Vulnerability Report TALOS-2022-1517 uClibC and uClibC-ng libpthread linuxthreads memory corruption vulnerabilities September 22, 2022 CVE Number CVE-2022-29503 SUMMARY A memory corruption vulnerability exists in the libpthread linuxthreads functionality of uClibC 0.9.33.2 and uClibC-ng...

The software for human-machine interfaces, WECON LeviStudioU, is vulnerable. An attacker can execute arbitrary code.

The vulnerability of the WECON LeviStudioU software for human-machine interface programming arises due to an overflow in the buffer in the dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Thunderbird email client, related to reading data beyond the buffer in memory, allows attackers to exploit this to disclose protected information.

The vulnerability of the Thunderbird email client relates to the reading of data beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose sensitive information through a specially crafted email message...

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the execution of operations beyond the buffer in memory, allowing an attacker to execute arbitrary code.

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code through a specially created web page...

ImageMagick ReadXBMImage Information Disclosure (CVE-2018-16323)

An information disclosure vulnerability exists in ImageMagick. The vulnerability is due to improper handling of memory buffer by ReadXBMImage. A remote attacker could exploit this vulnerability by having an affected application that implements ImageMagick process a maliciously crafted file...

CVE-2022-37302

A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause a crash of the Control Expert software when an incorrect project file is opened. Affected Products: EcoStruxure Control ExpertV15.1 HF001 and prior...

CVE-2022-37302

CVE-2022-37302 affects Schneider Electric EcoStruxure Control Expert (formerly Unity Pro) and is described as CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer. The vulnerability can cause the Control Expert software to crash when opening an incorrect project file, ...

Siemens SINEC INS

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Siemens Equipment: SINEC INS Vulnerabilities: Improper Input Validation, Integer Overflow or Wraparound, Uncontrolled Resource Consumption, Command Injection, Inadequate Encryption Strength, Missing...

Microsoft Edge’s vulnerability, related to the execution of operations beyond the buffer in memory, allows a malicious actor to execute arbitrary code on the target system.

The vulnerability of Microsoft Edge relates to the execution of operations beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code on the target system by having the user open a specially created malicious web page...

The vulnerability of the libIEC61850 library, related to reading data outside the buffer in memory, allows a perpetrator to execute arbitrary code or cause a service failure.

The vulnerability of the libIEC61850 library relates to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code or cause service failures...

The vulnerability of Huawei’s microprogrammed software lies in the fact that operations are performed outside of the buffer in memory, allowing attackers to read or write arbitrary files within the system.

The vulnerability of Huawei’s microprogrammed software is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to read or write arbitrary files in the system by sending a specially crafted request...