CVE-2024-9123

CVE-2024-9123 is a chromium/Chrome Skia vulnerability: an integer overflow in Skia prior to 129.0.6668.70 enables a remote attack via a crafted HTML page to trigger an out-of-bounds memory write. Affected software includes Google Chrome (Chromium-based) with versions before 129.0.6668.70; related...

CVE-2024-9123

Integer overflow in Skia in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

CVE-2024-9123

Integer overflow in Skia in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

CVE-2024-9123

Integer overflow in Skia in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

CVE-2024-9123

Integer overflow in Skia in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers is related to memory-related write operations. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...

Medium: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: Fix null pointer dereference on error CVE-2024-41098 In the Linux kernel, the following vulnerability has been resolved: ethtool: check device is present when getting link settings CVE-2024-46679...

PT-2024-8610 · Bhyve +1 · Bhyve +1

Name of the Vulnerable Software and Affected Versions: bhyve affected versions not specified Description: The issue is related to the ctl report supported opcodes function, which did not sufficiently validate a field provided by userspace, allowing an arbitrary write to a limited amount of kernel...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the drm/amdgpu component not validating TA binary file sizes, which could lead to an out-of-bounds write...

CVE-2024-44067

The T-Head XuanTie C910 CPU in the TH1520 SoC and the T-Head XuanTie C920 CPU in the SOPHON SG2042 have instructions that allow unprivileged attackers to write to arbitrary physical memory locations, aka GhostWrite...

T-Head XuanTie C910和C920 安全漏洞

The T-Head XuanTie C910 and T-Head XuanTie C920 are both high-efficiency CPU processors from China-based T-Head. A security vulnerability exists in the T-Head XuanTie C910 and C920 that stems from an instruction that allows an unprivileged attacker to write to an arbitrary physical memory locatio...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-0646)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-0646 advisory. - An out-of-bounds memory write flaw was found in the Linux kernel's Transport Layer Security functionality in...

CVE-2021-26344

An out of bounds memory write when processing the AMD PSP1 Configuration Block APCB could allow an attacker with access the ability to modify the BIOS image, and the ability to sign the resulting image, to potentially modify the APCB block resulting in arbitrary code execution...

CVE-2021-26344

An out of bounds memory write when processing the AMD PSP1 Configuration Block APCB could allow an attacker with access the ability to modify the BIOS image, and the ability to sign the resulting image, to potentially modify the APCB block resulting in arbitrary code execution...

CVE-2021-26344

CVE-2021-26344 is an out-of-bounds memory write in the AMD PSP1 Configuration Block (APCB) processing that could let an attacker with BIOS access modify the BIOS image and sign the result, potentially corrupting APCB and enabling arbitrary code execution. Connected sources (AMD AMD-SB-3003/AMD-SB...

Write-what-where Condition

Overview Affected versions of this package are vulnerable to Write-what-where Condition through the rpctensor structure. An attacker can write to arbitrary memory addresses by manipulating the data pointer. PoC from pwn import ALLOCBUFFER = 0 GETALIGNMENT = 1 GETMAXSIZE = 2 BUFFERGETBASE = 3...

PT-2024-5580 · Dell · Idrac Service Module

Name of the Vulnerable Software and Affected Versions: Dell iDRAC Service Module versions 5.3.0.0 and prior Description: The issue is related to an out of bounds write operation in the memory, which could allow an attacker to execute arbitrary code or cause a denial of service. A privileged local...

USN-6920-1 edk2 vulnerabilities

It was discovered that EDK II was not properly performing bounds checks in Tianocompress, which could lead to a buffer overflow. An authenticated user could use this issue to potentially escalate their privileges via local access. CVE-2017-5731 It was discovered that EDK II had an insufficient...

CVE-2024-3176

Out of bounds write in SwiftShader in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

CVE-2024-3176

Out of bounds write in SwiftShader in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...