1509 matches found
Buffer overflow
NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot module tegrablcbo.c, where, if TFTP is enabled, a local attacker with elevated privileges can cause a memory buffer overflow, which may lead to code execution, loss of Integrity, limited denial of service, and some impact to...
Buffer overflow
NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot module tegrablcbo.c, where insufficient validation of untrusted data may allow a local attacker with elevated privileges to cause a memory buffer overflow, which may lead to code execution, loss of integrity, limited denial ...
Buffer overflow
NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot blobdecompress function, where insufficient validation of untrusted data may allow a local attacker with elevated privileges to cause a memory buffer overflow, which may lead to code execution, limited loss of Integrity, and...
CVE-2022-28196
NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot blobdecompress function, where insufficient validation of untrusted data may allow a local attacker with elevated privileges to cause a memory buffer overflow, which may lead to code execution, limited loss of Integrity, and...
CVE-2022-28194
NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot module tegrablcbo.c, where, if TFTP is enabled, a local attacker with elevated privileges can cause a memory buffer overflow, which may lead to code execution, loss of Integrity, limited denial of service, and some impact to...
CVE-2022-28194
NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot module tegrabl_cbo.c where, if TFTP is enabled, a local attacker with elevated privileges can cause a memory buffer overflow, potentially leading to code execution, loss of integrity, limited denial of service, and confident...
CVE-2022-28193
The CVE-2022-28193 entry concerns NVIDIA Jetson Linux Driver Package. A vulnerability in the Cboot module tegrabl_cbo.c arises from insufficient validation of untrusted data, which can permit a local attacker with elevated privileges to cause a memory buffer overflow. Claimed impacts include code...
CVE-2022-28193
NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot module tegrablcbo.c, where insufficient validation of untrusted data may allow a local attacker with elevated privileges to cause a memory buffer overflow, which may lead to code execution, loss of integrity, limited denial ...
Hitachi Energy MicroSCADA Pro/X SYS600
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: MicroSCADA Pro/X SYS600 Vulnerabilities: Observable Discrepancy, HTTP Request Smuggling, Classic Buffer Overflow, Improper Certificate Validation, Improper Restriction of...
CVE-2022-24795
A flaw was found in the YAJL library in the way it reallocates a memory buffer to store more data. A very large input causes the value used to calculate the buffer size to overflow, resulting in a heap-based buffer overflow. Mitigation Avoid passing large inputs to the YAJL library...
CVE-2021-32994 Softing OPC-UA C++ SDK Improper Restriction of Operations within the Bounds of a Memory Buffer
Softing OPC UA C++ SDK Software Development Kit versions from 5.59 to 5.64 exported library functions don't properly validate received extension objects, which may allow an attacker to crash the software by sending a variety of specially crafted packets to access several unexpected memory locatio...
CVE-2021-32994 Softing OPC-UA C++ SDK Improper Restriction of Operations within the Bounds of a Memory Buffer
Softing OPC UA C++ SDK Software Development Kit versions from 5.59 to 5.64 exported library functions don't properly validate received extension objects, which may allow an attacker to crash the software by sending a variety of specially crafted packets to access several unexpected memory locatio...
CVE-2022-25959 Rockwell Automation Studio 5000 Logix Designer Improper Restriction of Operations within the Bounds of a Memory Buffer
Omron CX-Position versions 2.5.3 and prior is vulnerable to memory corruption while processing a specific project file, which may allow an attacker to execute arbitrary code...
Hitachi Energy e-mesh EMS
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: e-mesh EMS Vulnerabilities: Improper Restriction of Operations Within the Bounds of a Memory Buffer, Use After Free, Uncontrolled Resource Consumption 2. RISK EVALUATION...
ROS-20220329-01
A vulnerability in the zlib data compression library is related to incorrect limitation of operations within the memory buffer due to insufficient validation of user input during data compression. memory due to insufficient validation of user-entered data during data compression. Exploitation...
CVE-2022-24322
A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause a disruption of communication between the Modicon controller and the engineering software when an attacker is able to intercept and manipulate specific Modbus response data...
CVE-2022-24322
A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause a disruption of communication between the Modicon controller and the engineering software when an attacker is able to intercept and manipulate specific Modbus response data...
CVE-2022-24322
A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause a disruption of communication between the Modicon controller and the engineering software when an attacker is able to intercept and manipulate specific Modbus response data...
Design/Logic Flaw
A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause a disruption of communication between the Modicon controller and the engineering software when an attacker is able to intercept and manipulate specific Modbus response data...
CVE-2022-24322
CVE-2022-24322 affects Schneider Electric EcoStruxure Control Expert (V15.0 SP1 and prior). The flaw is CWE-119: improper restriction of operations within buffer bounds, enabling disruption of communication between Modicon controllers and engineering software when an attacker intercepts and manip...