1509 matches found
SUSE CVE-2025-26466
A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to ...
ROS-20250212-07
Vulnerability of JxlEncoderAddJPEGFrame function of JPEG XL decoder of Libjxl library is related to operation outside of memory buffer boundaries. operation beyond the buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of...
ROS-20250212-05
Vulnerability in Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird email client is related to incorrect limitation of operations within the memory buffer. with incorrect limitation of operations within the memory buffer. Exploitation of the vulnerability could allow an attacker acting...
PT-2025-28678 · Irfanview · Irfanview +1
Name of the Vulnerable Software and Affected Versions: IrfanView CADImage Plugin affected versions not specified Description: The DWG File Parser component within the CADImage plugin for IrfanView contains a memory buffer out-of-bounds read issue. Successful exploitation of this issue could allow...
CVE-2024-13614
Kaspersky has fixed a security issue in Kaspersky Anti-Virus SDK for Windows, Kaspersky Security for Virtualization Light Agent, Kaspersky Endpoint Security for Windows, Kaspersky Small Office Security, Kaspersky for Windows Standard, Plus, Premium, Kaspersky Free, Kaspersky Anti-Virus, Kaspersky...
CVE-2022-23817
Insufficient checking of memory buffer in AMD Secure Processor ASP Secure OS may allow an attacker with a malicious trusted application to read/write to the ASP Secure OS kernel virtual address space, potentially resulting in privilege escalation...
CVE-2022-2947
Altair HyperView Player versions 2021.1.0.27 and prior perform operations on a memory buffer but can read from or write to a memory location outside of the intended boundary of the buffer. This hits initially as a read access violation, leading to a memory corruption situation...
CVE-2022-28194
NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot module tegrablcbo.c, where, if TFTP is enabled, a local attacker with elevated privileges can cause a memory buffer overflow, which may lead to code execution, loss of Integrity, limited denial of service, and some impact to...
CVE-2024-8938
CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause a potential arbitrary code execution after a successful Man-In-The-Middle attack followed by sending a crafted Modbus function call to tamper with memory area involved in memory...
SUSE SLES12 Security Update : hplip (SUSE-SU-2025:0290-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:0290-1 advisory. This update for hplip fixes the following security issues: - CVE-2020-6923: Fixed a memory buffer overflow in the HP Linux Imaging and Printing HPLIP...
ROS-20250203-07
The vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird email client is related to the use of memory after its release. memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service via a specially crafted...
SUSE: Security Advisory (SUSE-SU-2025:0290-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Advisory ROSA-SA-2025-2661
software: perl 5.30.3 OS: ROSA-CHROME packageevrstring: perl-5.30.3 CVE-ID: CVE-2023-47100 BDU-ID: 2023-08382 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the Sparseunipropstring function of the regcomp.c file of the Perl programming language interpreter is related to an operation exceeding...
CVE-2024-10498
CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could allow an unauthorized attacker to modify configuration values outside of the normal range when the attacker sends specific Modbus write packets to the device which could result in...
CVE-2024-10498
Schneider Electric PowerLogic HDPM6000 is affected (CVE-2024-10498) by CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer. A memory-buffer bounds violation allows a remote attacker to modify configuration values outside the permitted range by sending specific Modbus ...
CVE-2024-10498
CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could allow an unauthorized attacker to modify configuration values outside of the normal range when the attacker sends specific Modbus write packets to the device which could result in...
CVE-2024-10498
CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could allow an unauthorized attacker to modify configuration values outside of the normal range when the attacker sends specific Modbus write packets to the device which could result in...
CVE-2024-11139
CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could allow local attackers to exploit these issues to potentially execute arbitrary code when opening a malicious project file...
CVE-2024-11139
CVE-2024-11139 affects Schneider Electric EcoStruxure Power Build Rapsody. A CWE-119-style memory-bounds vulnerability (buffer bounds) may allow local attackers to execute arbitrary code when opening a malicious project file. Reported impact is memory corruption with potential for local code exec...
CVE-2024-11139
CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could allow local attackers to exploit these issues to potentially execute arbitrary code when opening a malicious project file...