CVE-2024-6815 IrfanView RLE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

IrfanView RLE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious pag...

CVE-2024-5875

Affected software/impact: IrfanView’s SHP file parsing is vulnerable to an out-of-bounds write that can lead to remote code execution. The flaw stems from insufficient validation of user-supplied data during SHP parsing, enabling an attacker to write past the end of an allocated buffer and execut...

CVE-2023-39179 Kernel: ksmbd: read request out-of-bounds read information disclosure vulnerability

A flaw was found within the handling of SMB2 read requests in the kernel ksmbd module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this to disclose sensitive information on...

CVE-2023-39176

CVE-2023-39176 concerns the ksmbd kernel module in Linux, where parsing of SMB2 transform-header requests allows reading past the end of an allocated buffer. This results in information disclosure on affected systems with ksmbd enabled. Public sources in the connected documents consistently descr...

CVE-2023-39176 Kernel: ksmbd: transform header out-of-bounds read information disclosure vulnerability

A flaw was found within the parsing of SMB2 requests that have a transform header in the kernel ksmbd module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this to disclose...

CVE-2023-4458

A flaw was found within the parsing of extended attributes in the kernel ksmbd module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this to disclose sensitive information on...

Adobe Media Encoder < 14.4.0 Multiple Information Disclosure (APSB20-57) (macOS)

The version of Adobe Media Encoder installed on the remote macOS host is prior to 14.4.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB20-57 advisory. - Adobe Media Encoder version 14.3.2 and earlier versions has an out-of-bounds read vulnerability that could be...

CVE-2024-45288 Multiple vulnerabilities in libnv

A missing null-termination character in the last element of an nvlist array string can lead to writing outside the allocated buffer...

CVE-2024-45288 Multiple vulnerabilities in libnv

A missing null-termination character in the last element of an nvlist array string can lead to writing outside the allocated buffer...

CVE-2024-6811

IrfanView WSQ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious pag...

CVE-2024-6811 IrfanView WSQ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

IrfanView WSQ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious pag...

CVE-2024-7537

oFono QMI SMS Handling Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

CVE-2024-7537

CVE-2024-7537 describes an oFono vulnerability in QMI SMS handling that allows local read past the end of a buffer during processing of SMS message lists. The flaw arises from insufficient validation of user-supplied data, enabling information disclosure and, in conjunction with other issues, pot...

CVE-2021-47609 firmware: arm_scpi: Fix string overflow in SCPI genpd driver

In the Linux kernel, the following vulnerability has been resolved: firmware: armscpi: Fix string overflow in SCPI genpd driver Without the bound checks for scpipd-name, it could result in the buffer overflow when copying the SCPI device name from the corresponding device tree node as the name...

CVE-2021-47609

CVE-2021-47609 : Linux kernel vulnerability in the SCPI genpd driver for arm SCPI firmware. The issue was a missing bound check on scpi_pd-&gt;name, which could overflow a 30-byte buffer when copying the device name, potentially leading to memory corruption. The fix allocates the string dynamical...

Autodesk AutoCAD X_T File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XT...

Autodesk AutoCAD CATPART File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

Autodesk AutoCAD STP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ST...

Autodesk AutoCAD 3DM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3D...

Autodesk AutoCAD MODEL File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...