Honeywell Experion PKS, Experion LX, PlantCruise by Experion, Safety Manager, Safety Manager SC Buffer Access with Incorrect Length Value (CVE-2023-5396)

Server receiving a malformed message creates connection for a hostname that may cause a stack overflow resulting in possible remote code execution. See Honeywell Security Notification for recommendations on upgrading and versioning. This plugin only works with Tenable.ot. Please visit...

AZL-35354 CVE-2024-0408 affecting package xorg-x11-server for versions less than 1.20.10-5

A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource as with a GetGeometry or when it creates another resource that needs to access that buffer, such as...

Siemens SIMATIC and SIPLUS Products Buffer Access with Incorrect Length Value (CVE-2022-47375)

A vulnerability has been identified in SIMATIC PC-Station Plus All versions, SIMATIC S7-400 CPU 412-2 PN V7 All versions, SIMATIC S7-400 CPU 414-3 PN/DP V7 All versions, SIMATIC S7-400 CPU 414F-3 PN/DP V7 All versions, SIMATIC S7-400 CPU 416-3 PN/DP V7 All versions, SIMATIC S7-400 CPU 416F-3 PN/D...

CVE-2023-49701 Out-of-bounds access a buffer in SIM management

Memory Corruption in SIM management while USIMPhase2init...

Mitsubishi Electric GOT and Tension Controller (CVE-2021-20589)

Buffer access with incorrect length value vulnerability in GOT2000 series GT27 model communication driver versions 01.19.000 through 01.38.000, GT25 model communication driver versions 01.19.000 through 01.38.000, GT23 model communication driver versions 01.19.000 through 01.38.000 and GT21 model...

BIT-2020-15196

In Tensorflow version 2.3.0, the SparseCountSparseOutput and RaggedCountSparseOutput implementations don't validate that the weights tensor has the same shape as the data. The check exists for DenseCountSparseOutput, where both tensors are fully specified. In the sparse and ragged count weights a...

CVE-2023-42753 Kernel: netfilter: potential slab-out-of-bound access due to integer underflow

An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the h-nets array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local...

AEADs/aes-gcm: Plaintext exposed in decrypt_in_place_detached even on tag verification failure

Summary In the AES GCM implementation of decryptinplacedetached, the decrypted ciphertext i.e. the correct plaintext is exposed even if tag verification fails. Impact If a program using the aes-gcm crate's decryptinplace APIs accesses the buffer after decryption failure, it will contain a...

CVE-2023-42811 AEADs/aes-gcm: Plaintext exposed in decrypt_in_place_detached even on tag verification failure

aes-gcm is a pure Rust implementation of the AES-GCM. Starting in version 0.10.0 and prior to version 0.10.3, in the AES GCM implementation of decryptinplacedetached, the decrypted ciphertext i.e. the correct plaintext is exposed even if tag verification fails. If a program using the aes-gcm...

Intel i915 Graphics 缓冲区错误漏洞

Intel i915 Graphics is a set of graphics graphics card drivers from Intel Corporation USA. A security vulnerability exists in the Intel i915 Graphics drivers for linux versions prior to 6.2.10, which stems from an improperly restricted operation within a memory buffer range. An attacker can explo...

kernel: udmabuf: Set the DMA mask for the udmabuf device (v2)

In the Linux kernel, the following vulnerability has been resolved: udmabuf: Set the DMA mask for the udmabuf device v2 If the DMA mask is not set explicitly, the following warning occurs when the userspace tries to access the dma-buf via the CPU as reported by syzbot here: WARNING: CPU: 1 PID:...

OESA-2023-1209 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel before 5.19, drivers/gpu/drm/arm/malidpplanes.c misinterprets the getsgtable return value expects it to be NULL in the error case, whereas it is actually an error pointer.CVE-2023-23004 A use-after-free flaw w...

SUSE CVE-2018-10114

An issue was discovered in GEGL through 0.3.32. The geglbufferiteratereadsimple function in buffer/gegl-buffer-access.c allows remote attackers to cause a denial of service write access violation or possibly have unspecified other impact via a malformed PPM file, related to improper restrictions ...

SUSE CVE-2022-0519

Buffer Access with Incorrect Length Value in GitHub repository radareorg/radare2 prior to 5.6.2...

LS ELECTRIC XBC-DN32U 安全漏洞

LS ELECTRIC XBC-DN32U is a PLC programmable logic controller from LS ELECTRIC Korea.A denial of service vulnerability exists in the LS ELECTRIC XBC-DN32U. The vulnerability stems from the fact that the device will stop functioning when accessing a memory location outside of the communication...

GitHub Security Lab: [CPP]: Add query for CWE-805: Buffer Access with Incorrect Length Value using some functions

Vulnerability description not provided...

RHEL 7 : qemu-kvm-rhev bug fix update (Important) (RHSA-2020:2342)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2342 advisory. - QEMU: slirp: heap buffer overflow during packet reassembly CVE-2019-14378 - QEMU: slirp: OOB buffer access while emulating tcp protocols i...

RHEL 8 : virt:8.1 (RHSA-2020:1261)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1261 advisory. The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Re...

CVE-2022-34399

Dell Alienware m17 R5 BIOS version prior to 1.2.2 contain a buffer access vulnerability. A malicious user with admin privileges could potentially exploit this vulnerability by sending input larger than expected in order to leak certain sections of SMRAM...

CVE-2022-34399

Dell Alienware m17 R5 BIOS version prior to 1.2.2 contain a buffer access vulnerability. A malicious user with admin privileges could potentially exploit this vulnerability by sending input larger than expected in order to leak certain sections of SMRAM...