211 matches found
Unspecified Vulnerability in Adobe Illustrator (CNVD-2023-9999285)
Adobe Illustrator is a set of vector-based image creation software from the American company Audobee Adobe. A security vulnerability exists in Adobe Illustrator, which can be exploited by an attacker to cause a read beyond the end of an allocated memory structure...
DoS (Denial of Service) json-java in Bamboo Data Center and Server
This High severity Third-Party Dependency vulnerability was introduced in versions 8.1.0, 8.2.0, 9.0.0, 9.1.0, 9.2.1 and 9.3.0 of Bamboo Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H...
The vulnerability of the dwarf2.c component in the GNU Binutils development environment allows a hacker to trigger a service failure.
The vulnerability of the dwarf2.c component in the GNU Binutils development environment is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to cause a service failure...
CVE-2023-3889 Mali GPU Kernel Driver exposes sensitive data from freed memory
A local non-privileged user can make improper GPU memory processing operations. If the operations are carefully prepared, then they could be used to gain access to already freed memory...
Arbitrary Code Execution
firefox and thunderbird are vulnerable to Arbitrary Code Execution. An attacker could exploit the vulnerability by creating a specially crafted web page that would cause Firefox to crash. When Firefox crashes, it would leave behind some residual memory that could be exploited by the attacker to...
ROS-20230615-05
Vulnerability in Thunderbird email client is related to incorrect processing of user data in the error page for sites with invalid TLS certificates. displaying certificate exceptions, on the error page for sites with invalid TLS certificates. Exploitation of the vulnerability could allow an...
CVE-2023-0779
At the most basic level, an invalid pointer can be input that crashes the device, but with more knowledge of the device’s memory layout, further exploitation is possible...
Design/Logic Flaw
At the most basic level, an invalid pointer can be input that crashes the device, but with more knowledge of the device’s memory layout, further exploitation is possible...
CVE-2023-0779 net: shell: Improper input validation
At the most basic level, an invalid pointer can be input that crashes the device, but with more knowledge of the device’s memory layout, further exploitation is possible...
CVE-2023-2512 Buffer under-read in workerd
Prior to version v1.20230419.0, the FormData API implementation was subject to an integer overflow. If a FormData instance contained more than 2^31 elements, the forEach method could end up reading from the wrong location in memory while iterating over elements. This would most likely lead to a...
ROS-20230420-04
Vulnerability in Mozilla Firefox, Firefox ESR browsers and Thunderbird mail client of the operating systems Windows operating systems is related to insufficient protection of service data when processing a request to save files via the "Save As" dialog box. via the "Save As" dialog box...
Adobe Substance 3D Stager Out-of-Bounds Read Vulnerability
Adobe Substance 3D Stager is a virtual 3D studio from the American company Audobee Adobe. An out-of-bounds read vulnerability exists in Adobe Substance 3D Stager 2.0.1 and prior versions, which can be exploited by an attacker to read beyond the end of an allocated memory structure...
Design/Logic Flaw
A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo and ProcXkbGetDeviceInfo to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs...
CVE-2022-48293
The Bluetooth module has an OOM vulnerability. Successful exploitation of this vulnerability may affect data confidentiality...
CVE-2022-42932
Mozilla developers Ashley Hale and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 105 and Firefox ESR 102.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This...
vim: Fix of CVE-2022-3352
CVE-2022-3352: disallow deleting the current buffer to avoid using freed memory...
SAP 3D Visual Enterprise Viewer .obj Buffer Overflow Vulnerability
SAP 3D Visual Enterprise Viewer is a 3D view viewer from SAP, Germany. The software supports the publishing of 2D and 3D scenes in all industry-standard desktop applications and supports separate installation as a stand-alone executable program and ActiveX space. A buffer overflow vulnerability...
Double free
Double free vulnerability in the storage module. Successful exploitation of this vulnerability will cause the memory to be freed twice...
CVE-2022-39002
CVE-2022-39002 describes a double free in the storage module, causing memory to be freed twice. NVD assigns CVSS 3.1 base 9.8 (CRITICAL, NETWORK/LOW complexity, no user interaction). Connected sources corroborate a storage-module double-free vulnerability; one document lists affected Huawei EMUI ...
PT-2022-6968 · Autodesk · Autodesk Fbx-Sdk
Name of the Vulnerable Software and Affected Versions: Autodesk FBX SDK version 2020 Description: The issue is related to a use-after-free vulnerability that can be exploited by tricking a user into opening a malicious FBX file. This may cause the application to reference a memory location...