CVE-2022-38693

In FDL1, there is a possible missing payload size check. This could lead to memory buffer overflow without requiring additional execution privileges...

CVE-2022-38696

In BootRom, there's a possible missing payload size check. This could lead to memory buffer overflow without requiring additional execution privileges...

CVE-2022-38696

Summary (CVE-2022-38696) : Multiple connected sources identify a vulnerability in BootRom caused by a missing payload size check, which could lead to a memory buffer overflow without requiring extra privileges. The affected component is described as BootRom (often in UNISOC chipsets context). No ...

CVE-2022-38693

CVE-2022-38693 concerns a flaw in FDL1 where a missing payload size check can cause a memory buffer overflow. Sources consistently describe the issue as affecting FDL1, with exploitation not requiring additional execution privileges and a network attack vector (per CVSS: AV:N/AC:L/PR:N/UI:N/S:U/C...

CVE-2022-38693

In FDL1, there is a possible missing payload size check. This could lead to memory buffer overflow without requiring additional execution privileges...

CVE-2022-38693

In FDL1, there is a possible missing payload size check. This could lead to memory buffer overflow without requiring additional execution privileges...

CVE-2022-38692

In BootROM, there is a missing size check for RSA keys in Certificate Type 0 validation. This could lead to memory buffer overflow without requiring additional execution privileges...

PT-2025-35466

Name of the Vulnerable Software and Affected Versions: BootRom affected versions not specified Description: A missing payload size check in BootRom could lead to a memory buffer overflow, and does not require additional execution privileges. Recommendations: At the moment, there is no information...

UNISOC Chipsets 安全漏洞

UNISOC Chipsets is a chipset from China's Purple Spreadtrum UNISOC. A security vulnerability exists in UNISOC Chipsets, which stems from a lack of payload size checking and could result in a memory buffer overflow...

Linux Distros Unpatched Vulnerability : CVE-2020-6923

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The HP Linux Imaging and Printing HPLIP software may potentially be affected by memory buffer overflow. CVE-2020-6923 Note that Nessus relies on the presence of...

ROS-20250827-09

Vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird email client is related to an operation exceeding the memory buffer boundaries. operation outside of the memory buffer. Exploitation of the vulnerability could allow an attacker acting remotely to affect the confidentiality, integrity,...

CVE-2025-38669 Revert "drm/gem-shmem: Use dma_buf from GEM object instance"

In the Linux kernel, the following vulnerability has been resolved: Revert "drm/gem-shmem: Use dmabuf from GEM object instance" This reverts commit 1a148af06000e545e714fe3210af3d77ff903c11. The dmabuf field in struct drmgemobject is not stable over the object instance's lifetime. The field become...

CVE-2025-38511

In the Linux kernel, the following vulnerability has been resolved: drm/xe/pf: Clear all LMTT pages on alloc Our LMEM buffer objects are not cleared by default on alloc and during VF provisioning we only setup LMTT PTEs for the actually provisioned LMEM range. But beyond that valid range we might...

CVE-2025-38511

In the Linux kernel, the following vulnerability has been resolved: drm/xe/pf: Clear all LMTT pages on alloc Our LMEM buffer objects are not cleared by default on alloc and during VF provisioning we only setup LMTT PTEs for the actually provisioned LMEM range. But beyond that valid range we might...

NVIDIA Triton Inference Server Stack Overflow Vulnerability

Triton Inference Server is a high-performance inference service engine developed by NVIDIA, designed for AI model deployment in production environments, with support for a variety of frameworks TensorFlow, PyTorch, ONNX, etc. and optimized inference performance for GPUs and CPUs. A stack overflow...

Security Bulletin: Astronomer with IBM is vulnerable to several vulnerabilities

Summary Open source software is used by Astronomer with IBM as part of overall processing functionality. Vulnerability Details CVEID:CVE-2021-33194 DESCRIPTION: golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows attackers to cause a denial of service infinite loop via crafted...

Linux Distros Unpatched Vulnerability : CVE-2022-50226

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: ccp - Use kzalloc for sev ioctl interfaces to prevent kernel memory leak For some sev ioctl interfaces, input may be passed that is less than or equal t...

Linux Distros Unpatched Vulnerability : CVE-2023-28772

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel before 5.13.3. lib/seqbuf.c has a seqbufputmemhex buffer overflow. CVE-2023-28772 Note that Nessus relies on the...

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Adobe Acrobat

技术文章存档 ------ Paper list： Talking About Exploit Writing Bypassing AntiVirus Detection for Malicious PDFs MBR病毒分析 使用bochs调试MBR 基于MBR的系统登录密码验证程序 PDF文件格式分析 恶意PDF文件解析思路 Win 7下定位kernel32.dll基址及shellcode编写 CVE-2009-0658漏洞分析 Firefox vulnerabilityCVE-2011-0065 Bypassing DEP CVE-2009-4324漏洞分析 Flash XSS漏洞挖...

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

Awesome Advanced Windows Exploitation References List of Awesome Advanced Windows Exploitation References This list is for anyone wishing to upgrade on their Windows Exploitation Knowledge. Anyway, this is a living resources and will update regularly with latest research articles/talks of awesome...