180 matches found
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
PoC exploit for CVE-2020-0796 - SMBv3 RCE. The target product/service is SMB. The vulnerability class/vector is RCE Remote Code Execution. The probable entry point is the scanner.py script. Notable dependencies/tooling include the netaddr library. The execution context is a Python script invoked...
The vulnerability of the `findNextBorderPixel` component in the Leptonica image processing library, which involves reading beyond the acceptable buffer boundary, allows attackers to cause service failures.
The vulnerability of the findNextBorderPixel component in the Leptonica image processing library relates to reading data beyond the permissible buffer boundaries. Exploiting this vulnerability could allow a malicious actor to cause service failures...
Samsung SMR 缓冲区错误漏洞
Samsung SMR is a system patch package from Samsung South Korea. It provides patches for Samsung mobile applications. A security vulnerability exists in versions prior to SMR Oct-2021 Release 1, which stems from the lack of buffer bounds checking in the livfivextractor library to allow OOB reads...
The vulnerability of the hivex_open function in the Hivex library, which involves reading data beyond the allowed buffer limits, allows an attacker to gain access to confidential data and also trigger a service failure.
The vulnerability of the hivexopen function in the Hivex library involves reading data from the buffer beyond its allowable limits. Exploiting this vulnerability can allow an attacker to gain access to confidential data, as well as cause service failures...
The vulnerability of the wav_write_header function in the libsndfile library, which relates to reading beyond the allowable buffer data limits, allows a attacker to cause a service failure.
The vulnerability of the wavwriteheader function in the libsndfile library is related to reading data beyond the allowable buffer size. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...
The vulnerability of the JavaScript script handler in Google Chrome’s V8 browser, related to writing beyond the buffer limit, allows attackers to access confidential information or trigger a service denial.
The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to writing beyond the buffer boundaries. Exploiting this vulnerability allows an attacker to gain access to confidential information or cause service failures...
CVE-2021-32992
FATEK Automation WinProladder Versions 3.30 and prior do not properly restrict operations within the bounds of a memory buffer, which may allow an attacker to execute arbitrary code...
CVE-2021-22761
A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists inIGSS Definition Def.exe V15.0.0.21140 and prior that could result in disclosure of information or remote code e+F15xecution due to missing length check on user supplied data, when a malicious...
Siemens SIMATIC S7-1500
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: SIMATIC S7-1500 CPU 1518F-4 Vulnerabilities: Improper Initialization, Improper Restriction of Operations within the Bounds of a Memory Buffer 2. RISK EVALUATION Successful exploitation of these Intel...
CVE-2020-28022
Exim 4 before 4.94.2 has Improper Restriction of Write Operations within the Bounds of a Memory Buffer. This occurs when processing name=value pairs within MAIL FROM and RCPT TO commands...
The vulnerability of the command-line interface (CLI) of Cisco Firepower Threat Defense (FTD) microprogramming system allows a attacker to trigger a device reboot or cause a service failure.
The vulnerability of the command-line interface CLI of Cisco Firepower Threat Defense FTD microprogramming systems relates to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to trigger a system reboot or cause a service failure...
The vulnerability of the phar_parse_pharfile function (xt/phar/phar.c) in the PHP programming language allows a malicious actor to gain unauthorized access to protected information.
The vulnerability of the pharparsepharfile function xt/phar/phar.c in the PHP programming language involves reading beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
CVE-2020-0796 Windows SMBv3 LPE Exploit !exploithttps://u...
SecureCRT Memory Corruption
securecrt: memory corruption in CSI functions CVE-2020-12651 I noticed a vulnerability in SecureCRT that allows a remote system to corrupt memory in the terminal process and execute arbitrary code. The bug is that if you specify a line number to CSI functions that exceeds INTMAX, the unsigned...
Important: Red Hat Security Advisory: java-11-openjdk security update
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...
The vulnerability of the `load_bmp` function in the CImg library, which allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the loadbmp function in the CImg library arises from the execution of an operation outside the buffer’s boundaries in memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information throu...
Arbitrary Code Execution
cups is vulnerable to arbitrary code execution. An insufficient buffer bounds checking flaw was discovered in the HP-GL/2-to-PostScript "hpgltops" filter. An attacker could create a malicious HP-GL/2 file that could, possibly, execute arbitrary code as the "lp" user if the file was printed...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
CVE-2020-0796-CNA This implementation is based on the POC pro...
The vulnerability of the Adobe Photoshop graphic editor is related to the issue of executing code outside the buffer boundaries in memory, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Photoshop graphic editor is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code on the target system by opening the malicious file...
libxslt: use after free in xsltCopyText in transform.c could lead to information disclosure
In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized data could be...