CVE-2023-6334

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in HYPR Workforce Access on Windows allows Overflow Buffers.This issue affects Workforce Access: before 8.7...

Design/Logic Flaw

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in HYPR Workforce Access on Windows allows Overflow Buffers.This issue affects Workforce Access: before 8.7...

CVE-2023-6334

HYPR Workforce Access for Windows is affected by CVE-2023-6334 due to an improper restriction of operations within a memory buffer, leading to a buffer overflow. Affected product: HYPR Workforce Access (Windows); vulnerable component/condition: operations within a memory buffer not properly restr...

CVE-2023-6334

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in HYPR Workforce Access on Windows allows Overflow Buffers.This issue affects Workforce Access: before 8.7...

PT-2024-14931 · Hypr · Hypr Workforce Access

Name of the Vulnerable Software and Affected Versions: HYPR Workforce Access versions prior to 8.7 Description: The issue is related to an Improper Restriction of Operations within the Bounds of a Memory Buffer, which allows Overflow Buffers. This can be exploited in HYPR Workforce Access on...

HYPR Buffer Error Vulnerability

HYPR is a security application from HYPR that implements passwordless security. A security vulnerability exists in HYPR versions prior to 8.7 that stems from a buffer overflow due to improperly restricted operations within a memory buffer range...

PT-2024-1102 · Citrix · Citrix Netscaler Adc +1

Name of the Vulnerable Software and Affected Versions: Citrix NetScaler ADC and NetScaler Gateway affected versions not specified Description: The issue is related to improper restriction of operations within the bounds of a memory buffer in Citrix NetScaler ADC and NetScaler Gateway, allowing...

CVE-2023-41056 Redis vulnerable to integer overflow in certain payloads

Redis is an in-memory database that persists on disk. Redis incorrectly handles resizing of memory buffers which can result in integer overflow that leads to heap overflow and potential remote code execution. This issue has been patched in version 7.0.15 and 7.2.4...

CVE-2023-41056

CVE-2023-41056 affects Redis and is fixed in Redis 7.0.15 and 7.2.4. The issue arises from incorrect handling of memory buffer resizing, causing an integer overflow that can trigger a heap overflow and potential remote code execution. Public references in various advisories (e.g., Fedora/Red Hat/...

CVE-2023-41056

Redis is an in-memory database that persists on disk. Redis incorrectly handles resizing of memory buffers which can result in integer overflow that leads to heap overflow and potential remote code execution. This issue has been patched in version 7.0.15 and 7.2.4...

PT-2024-1084 · Microsoft · Azure Storage Mover

Name of the Vulnerable Software and Affected Versions: Azure Storage Mover affected versions not specified Description: The issue is related to a buffer overflow in memory, allowing an attacker to execute arbitrary code. Recommendations: At the moment, there is no information about a newer versio...

GTKWave EVCD var len parsing improper array index validation vulnerability

Talos Vulnerability Report TALOS-2023-1803 GTKWave EVCD var len parsing improper array index validation vulnerability January 8, 2024 CVE Number CVE-2023-34087 SUMMARY An improper array index validation vulnerability exists in the EVCD var len parsing functionality of GTKWave 3.3.115. A specially...

GTKWave LXT2 num_time_table_entries out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2023-1819 GTKWave LXT2 numtimetableentries out-of-bounds write vulnerability January 8, 2024 CVE Number CVE-2023-34436 SUMMARY An out-of-bounds write vulnerability exists in the LXT2 numtimetableentries functionality of GTKWave 3.3.115. A specially crafted .lxt2...

GTKWave VCD var definition section out-of-bounds read vulnerabilities

Talos Vulnerability Report TALOS-2023-1805 GTKWave VCD var definition section out-of-bounds read vulnerabilities January 8, 2024 CVE Number CVE-2023-37447,CVE-2023-37446,CVE-2023-37445,CVE-2023-37444,CVE-2023-37442,CVE-2023-37443 SUMMARY Multiple out-of-bounds read vulnerabilities exist in the VC...

GTKWave LXT2 zlib block decompression out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2023-1823 GTKWave LXT2 zlib block decompression out-of-bounds write vulnerability January 8, 2024 CVE Number CVE-2023-38657 SUMMARY An out-of-bounds write vulnerability exists in the LXT2 zlib block decompression functionality of GTKWave 3.3.115. A specially craft...

GTKWave VZT vzt_rd_get_facname decompression out-of-bounds write vulnerabilities

Talos Vulnerability Report TALOS-2023-1813 GTKWave VZT vztrdgetfacname decompression out-of-bounds write vulnerabilities January 8, 2024 CVE Number CVE-2023-38649,CVE-2023-38648 SUMMARY Multiple out-of-bounds write vulnerabilities exist in the VZT vztrdgetfacname decompression functionality of...

GTKWave LXT2 lxt2_rd_get_facname decompression out-of-bounds write vulnerabilities

Talos Vulnerability Report TALOS-2023-1826 GTKWave LXT2 lxt2rdgetfacname decompression out-of-bounds write vulnerabilities January 8, 2024 CVE Number CVE-2023-39443,CVE-2023-39444 SUMMARY Multiple out-of-bounds write vulnerabilities exist in the LXT2 parsing functionality of GTKWave 3.3.115. A...

GTKWave VZT LZMA_Read dmem extraction out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2023-1810 GTKWave VZT LZMARead dmem extraction out-of-bounds write vulnerability January 8, 2024 CVE Number CVE-2023-37282 SUMMARY An out-of-bounds write vulnerability exists in the VZT LZMARead dmem extraction functionality of GTKWave 3.3.115. A specially crafted...

GTKWave VZT LZMA_read_varint out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2023-1811 GTKWave VZT LZMAreadvarint out-of-bounds write vulnerability January 8, 2024 CVE Number CVE-2023-36861 SUMMARY An out-of-bounds write vulnerability exists in the VZT LZMAreadvarint functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead ...

CVE-2023-43512

Transient DOS while parsing GATT service data when the total amount of memory that is required by the multiple services is greater than the actual size of the services buffer...