CVE-2023-47580

CVE-2023-47580 affects Fuji Electric TELLUS and TELLUS Lite up to version 4.0.17.0 (and earlier). The vulnerability is due to improper restriction of operations within memory buffers, enabling information disclosure and/or arbitrary code execution when a user opens specially crafted files (X1, V8...

ROS-20231114-02

Vulnerability of XIChangeDeviceProperty Xi/xiproperty.c and RRChangeOutputProperty functions randr/rrrproperty.c of X Window System Xorg-server is related to the possibility of writing outside the boundaries of the buffer in memory. Exploitation of the vulnerability could allow an attacker to cau...

PT-2023-26516 · Intel · Intel Unison

Name of the Vulnerable Software and Affected Versions: Intel Unison affected versions not specified Description: The issue allows an authenticated user to potentially enable escalation of privilege via local access due to access of memory location after end of buffer. Recommendations: At the...

PT-2023-8272 · Amd +1 · Amd Processor Firmware +1

Name of the Vulnerable Software and Affected Versions: AMD affected versions not specified Description: The issue is related to the implementation of System Management Mode SMM in AMD processor firmware, specifically due to insufficient input validation. This could allow a remote attacker to...

OpenVPN Security Vulnerabilities

OpenVPN is a software package for creating encrypted tunnels for Virtual Private Networks VPNs from US-based OpenVPN, which uses the OpenSSL library to encrypt data and control information, and allows created VPNs to be authenticated using a public key, an electronic certificate, or a...

PT-2023-6869 · Tellus +1 · Tellus +1

Name of the Vulnerable Software and Affected Versions: TELLUS versions 4.0.17.0 and earlier TELLUS Lite versions 4.0.17.0 and earlier Description: The issue is related to improper restriction of operations within the bounds of a memory buffer. If a user opens a specially crafted file, such as X1,...

kernel: udmabuf: Set ubuf->sg = NULL if the creation of sg table fails

A flaw was found in the Linux kernel’s udmabuf subsystem where the scatter-gather sg pointer was not properly set to NULL if creation of the sg table failed. If userspace attempts to map a dmabuf and the sg table allocation fails e.g., due to memory exhaustion, the kernel later attempts to free a...

kernel: drm/edid: fix info leak when failing to get panel id

In the Linux kernel, the following vulnerability has been resolved: drm/edid: fix info leak when failing to get panel id Make sure to clear the transfer buffer before fetching the EDID to avoid leaking slab data to the logs on errors that leave the buffer unchanged...

shadow-utils: possible password leak during passwd(1) change

A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from...

CVE-2023-28545 Improper Restriction of Operations within the Bounds of a Memory Buffer in TZ Secure OS

Memory corruption in TZ Secure OS while loading an app ELF...

CVE-2023-27854

An arbitrary code execution vulnerability was reported to Rockwell Automation in Arena Simulation that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow. The threat-actor could then execute malicious code on the system...

Buffer overflow

An arbitrary code execution vulnerability was reported to Rockwell Automation in Arena Simulation that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow. The threat-actor could then execute malicious code on the system...

CVE-2023-27854

CVE-2023-27854 affects Rockwell Automation Arena (Arena) 16.20.x; vulnerability is a memory boundary issue (out-of-bounds read) and related uninitialized pointer, triggered by processing crafted files. Exploitation could allow arbitrary code execution with local access and user interaction requir...

CVE-2023-27854 Rockwell Automation Arena® Simulation Out of Bounds Read Vulnerability

An arbitrary code execution vulnerability was reported to Rockwell Automation in Arena Simulation that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow. The threat-actor could then execute malicious code on the system...

CVE-2023-27854 Rockwell Automation Arena® Simulation Out of Bounds Read Vulnerability

An arbitrary code execution vulnerability was reported to Rockwell Automation in Arena Simulation that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow. The threat-actor could then execute malicious code on the system...

PT-2023-6581 · Rockwell Automation · Rockwell Automation Arena

Name of the Vulnerable Software and Affected Versions: Rockwell Automation Arena affected versions not specified Description: The issue is related to a memory buffer overflow, allowing an attacker to execute arbitrary code in the context of the current user. This could affect the confidentiality,...

Out-of-bounds Write

libstb.so is vulnerable to Out-of-bounds Write. The vulnerability is caused due to a function f-vendori = get8packetf;. The root cause is an integer overflow in setupmalloc function in file stb/stbvorbis.c in which a sufficiently large value in the variable sz overflows with sz+7 and the negative...

CVE-2023-45676

stbvorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds write in f-vendori = get8packetf;. The root cause is an integer overflow in setupmalloc. A sufficiently large value in the variable sz overflows with sz+7 in and the negative...

CVE-2023-45676

stbvorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds write in f-vendori = get8packetf;. The root cause is an integer overflow in setupmalloc. A sufficiently large value in the variable sz overflows with sz+7 in and the negative...

CVE-2023-45676 Multi-byte write heap buffer overflow in start_decoder in stb_vorbis

stbvorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds write in f-vendori = get8packetf;. The root cause is an integer overflow in setupmalloc. A sufficiently large value in the variable sz overflows with sz+7 in and the negative...