1509 matches found
CVE-2024-10921
An authorized user may trigger crashes or receive the contents of buffer over-reads of Server memory by issuing specially crafted requests that construct malformed BSON in the MongoDB Server. This issue affects MongoDB Server v5.0 versions prior to 5.0.30 , MongoDB Server v6.0 versions prior to...
PT-2024-10125 · Rsync +10 · Rsync +10
The rsync daemon is affected by a flaw that can be triggered when comparing file checksums, allowing an attacker to manipulate the checksum length and cause a comparison between a checksum and uninitialized memory. This results in the leak of one byte of uninitialized stack data at a time. An...
CVE-2024-8938
CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause a potential arbitrary code execution after a successful Man-In-The-Middle attack followed by sending a crafted Modbus function call to tamper with memory area involved in memory...
CVE-2024-8938
CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause a potential arbitrary code execution after a successful Man-In-The-Middle attack followed by sending a crafted Modbus function call to tamper with memory area involved in memory...
CVE-2024-8938
CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause a potential arbitrary code execution after a successful Man-In-The-Middle attack followed by sending a crafted Modbus function call to tamper with memory area involved in memory...
CVE-2024-8938
CVE-2024-8938 affects Schneider Electric Modicon M340, MC80, and Momentum Unity M1E hardware. The root cause is a memory buffer handling flaw (CWE-119) that can enable arbitrary code execution after a Man-In-The-Middle attack, by crafting a Modbus function to tamper with memory areas involved in ...
CVE-2024-8937
CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause a potential arbitrary code execution after a successful Man-In-The Middle attack followed by sending a crafted Modbus function call to tamper with memory area involved in the...
CVE-2024-42442
APTIOV contains a vulnerability in the BIOS where a user or attacker may cause an improper restriction of operations within the bounds of a memory buffer over the network. A successful exploitation of this vulnerability may lead to code execution outside of the intended System Management Mode...
CVE-2024-42442
APTIOV contains a vulnerability in the BIOS where a user or attacker may cause an improper restriction of operations within the bounds of a memory buffer over the network. A successful exploitation of this vulnerability may lead to code execution outside of the intended System Management Mode...
CVE-2024-33658
APTIOV contains a vulnerability in BIOS where an attacker may cause an Improper Restriction of Operations within the Bounds of a Memory Buffer by local. Successful exploitation of this vulnerability may lead to privilege escalation and potentially arbitrary code execution, and impact Integrity...
CVE-2024-33658 Buffer Overflow Vulnerability In OFBD
APTIOV contains a vulnerability in BIOS where an attacker may cause an Improper Restriction of Operations within the Bounds of a Memory Buffer by local. Successful exploitation of this vulnerability may lead to privilege escalation and potentially arbitrary code execution, and impact Integrity...
CVE-2024-33658 Buffer Overflow Vulnerability In OFBD
APTIOV contains a vulnerability in BIOS where an attacker may cause an Improper Restriction of Operations within the Bounds of a Memory Buffer by local. Successful exploitation of this vulnerability may lead to privilege escalation and potentially arbitrary code execution, and impact Integrity...
CVE-2024-33658
AMI AptioV BIOS contains a local vulnerability (improper restriction of operations within the bounds of a memory buffer). The issue can be exploited locally to escalate privileges and potentially execute arbitrary code, impacting integrity. Connected sources identify AptioV BIOS as the affected c...
CVE-2024-42442
CVE-2024-42442 concerns AMI AptioV BIOS vulnerability: a network-triggered flaw allows code execution outside the intended System Management Mode by compromising BIOS memory boundaries. The description notes a memory-buffer restriction breach enabling execution beyond SMRAM, with exploitation des...
CVE-2024-42442 Runtime Service Access outside SMRAM
APTIOV contains a vulnerability in the BIOS where a user or attacker may cause an improper restriction of operations within the bounds of a memory buffer over the network. A successful exploitation of this vulnerability may lead to code execution outside of the intended System Management Mode...
Advisory ROSA-SA-2024-2518
software: memcached 1.6.22 OS: ROSA-CHROME packageevrstring: memcached-1.6.22-1 CVE-ID: CVE-2023-46852 BDU-ID: 2023-08094 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the proxyruncoroutine function protoproxy.c of the memcached data caching software tool is related to an operation exceeding buffe...
PT-2024-9224 · Microsoft · Office 365 +1
Name of the Vulnerable Software and Affected Versions: Microsoft Office affected versions not specified Office 365 affected versions not specified Description: The issue is related to a buffer overflow in memory, which can be exploited to execute arbitrary code. This can allow an attacker to run...
PT-2024-8154 · Microsoft · Office Excel
Name of the Vulnerable Software and Affected Versions: Microsoft Excel affected versions not specified Description: The issue is related to a buffer overflow in memory, which can be exploited to execute arbitrary code. This can allow an attacker to perform unauthorized actions on the system...
ROS-20241108-03
Vulnerability of multiqtune function of schmultiq component of Linux kernel is related to writing outside of dynamic memory buffer boundaries. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary code in kernel mode by executing specially specially...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
CVE-2024-30090 - LPE PoC CVE-2024-30090https://msrc.mic...