FreeBSD : osip -- Improper Restriction of Operations within the Bounds of a Memory Buffer (15a62f22-098a-443b-94e2-2d26c375b993)

osip developers reports : In libosip2 in GNU oSIP 4.1.0 and 5.0.0, a malformed SIP message can lead to a heap buffer overflow in the msgosipbodyparse function defined in osipparser2/osipmessageparse.c, resulting in a remote DoS. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive...

The vulnerability of the datal driver’s refclock parameter in the Network Time Protocol NTP allows a perpetrator to execute arbitrary code or cause a service failure.

The vulnerability of the datal driver parameter of the Network Time Protocol refclock protocol is caused by an operation going beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to execute arbitrary code or cause a service failure by using a negative...

The vulnerability of the system call in the TrustZone of the Android CAF-release operating system allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the TrustZone system call in the Android CAF-release operating system arises from the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected...

Out-of-bounds

An Improper Restriction Of Operations Within The Bounds Of A Memory Buffer issue was discovered in Advantech WebAccess versions prior to V8.220170817. Researchers have identified multiple vulnerabilities that allow invalid locations to be referenced for the memory buffer, which may allow an...

CVE-2017-12708

CVE-2017-12708 affects Advantech WebAccess versions prior to V8.2_20170817. It is an improper restriction of operations within the bounds of a memory buffer (CWE-119) that could allow referencing invalid memory locations, potentially enabling arbitrary code execution or a crash. Multiple connecte...

CVE-2017-12708

An Improper Restriction Of Operations Within The Bounds Of A Memory Buffer issue was discovered in Advantech WebAccess versions prior to V8.220170817. Researchers have identified multiple vulnerabilities that allow invalid locations to be referenced for the memory buffer, which may allow an...

Memory corruption

In all Qualcomm products with Android releases from CAF using the Linux kernel, a memory buffer fails to be freed after it is no longer needed potentially resulting in memory exhaustion...

CVE-2015-9035

In all Qualcomm products with Android releases from CAF using the Linux kernel, a memory buffer fails to be freed after it is no longer needed potentially resulting in memory exhaustion...

CVE-2017-9633

An Improper Restriction of Operations within the Bounds of a Memory Buffer issue was discovered in the Continental AG Infineon S-Gold 2 PMB 8876 chipset on BMW several models produced between 2009-2010, Ford a limited number of P-HEV vehicles, Infiniti 2013 JX35, Infiniti 2014-2016 QX60, Infiniti...

Design/Logic Flaw

An Improper Restriction of Operations within the Bounds of a Memory Buffer issue was discovered in the Continental AG Infineon S-Gold 2 PMB 8876 chipset on BMW several models produced between 2009-2010, Ford a limited number of P-HEV vehicles, Infiniti 2013 JX35, Infiniti 2014-2016 QX60, Infiniti...

CVE-2017-9633

An Improper Restriction of Operations within the Bounds of a Memory Buffer issue was discovered in the Continental AG Infineon S-Gold 2 PMB 8876 chipset on BMW several models produced between 2009-2010, Ford a limited number of P-HEV vehicles, Infiniti 2013 JX35, Infiniti 2014-2016 QX60, Infiniti...

CVE-2017-9633

The CVE-2017-9633 entry documents a TMSI-related vulnerability in Continental AG Infineon S-Gold 2 (PMB 8876) used in telematics control units (TCUs) across multiple vehicles (BMW, Ford, Infiniti, Nissan models from 2009–2016). The issue is an Improper Restriction of Operations within the Bounds ...

The vulnerability of the Kernel component in iOS and Mac OS X operating systems allows a hacker to trigger a service failure or execute arbitrary code in a privileged context.

The vulnerability of the Kernel component in iOS and Mac OS X operating systems arises from the execution of an operation outside the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in a privileged context, or to cause a service failure memory...

Continental AG Infineon S-Gold 2 (PMB 8876)

CVSS v3 8.8 ATTENTION: Remotely exploitable/low skill level to exploit. Public exploits are available. Vendor: Continental AG Equipment: Infineon S-Gold 2 PMB 8876 Vulnerabilities: Stack-Based Buffer Overflow, Improper Restriction of Operations within the Bounds of a Memory Buffer AFFECTED PRODUC...

Microsoft Edge browser vulnerability, allowing a hacker to execute arbitrary code in the context of the current user

The vulnerability of Microsoft Edge arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user...

Microsoft Edge browser vulnerability, allowing a hacker to execute arbitrary code in the context of the current user

The vulnerability of Microsoft Edge arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user...

The vulnerability of the FlexNet Publisher software management tool allows a perpetrator to execute arbitrary code.

The vulnerability of the FlexNet Publisher license management software arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary code with system privileges...

The vulnerability in Firefox ESR and Firefox web browsers relates to the execution of operations beyond the buffer boundaries in memory, which allows an attacker to trigger a service failure.

The vulnerability in Firefox ESR and Firefox relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

Fuji Electric V-Server

CVSS v3 7.3 ATTENTION: Remotely exploitable Vendor: Fuji Electric Equipment: V-Server Vulnerability: Improper Restriction of Operations within the Bounds of a Memory Buffer AFFECTED PRODUCTS The following versions of V-Server, a data collection and management service, are affected: V-Server Versi...

The vulnerability of the Android operating system’s kernel driver, which allows a hacker to trigger a service failure

The vulnerability of the Android operating system’s kernel driver arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to cause a service failure...