51 matches found
Linaro Trusted Firmware-M Security Vulnerability
Linaro Trusted Firmware-M Tf-M is a reference implementation of the Platform Security Architecture Psa IoT security framework from Linaro, UK. A security vulnerability exists in Trusted Firmware-M TF-Mv1.8.0 and earlier versions, which stems from a security flaw in the buffer during authenticatio...
The vulnerability of the DDP microprogramming software-based wireless access points from D-Link, model DAP-2622, allows a intruder to execute any arbitrary code.
The vulnerability of the DDP microprogramming software used in D-Link DAP-2622 wireless access points lies in the fact that the execution of commands is carried out outside of the buffer in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code...
The vulnerability of the CAPWAP (Control and Provisioning of Wireless Access Points) microprogramming software used in Zyxel’s USG FLEX, USG FLEX 50(W), USG20(W)-VPN, ATP, and VPN devices allows a hacker to cause service interruptions.
The vulnerability of the CAPWAP Control and Provisioning of Wireless Access Points microprogramming software used in Zyxel USG FLEX, USG FLEX 50W, USG20W-VPN, ATP, and VPN devices lies in the fact that the operation data is stored outside of the buffer in memory. Exploiting this vulnerability...
NVIDIA DGX-2 缓冲区错误漏洞
The NVIDIA DGX-2 is a high-performance workstation for deep learning from NVIDIA, Inc. The NVIDIA DGX-2™ is NVIDIA's first 2 petaFLOPS device with 16 NVIDIA V100 Tensor core GPUs, making it an excellent platform for complex AI challenges. A security vulnerability exists in NVIDIA DGX-2 prior to...
CVE-2023-25755
Screen Creator Advance 2 Ver.0.1.1.4 Build01A and earlier is vulnerable to improper restriction of operations within the bounds of a memory buffer CWE-119 due to improper check of its data size when processing a project file. If a user of Screen Creator Advance 2 opens a specially crafted project...
MediaTek 芯片缓冲区错误漏洞
MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips, which stems from a lack of boundary checking and could lead to out-of-bounds reads. An attacker could exploit the vulnerability to escalate privileges. The following...
PT-2023-13400 · Dell · Dell Precision Bios +1
Name of the Vulnerable Software and Affected Versions: Dell PowerEdge BIOS affected versions not specified Dell Precision BIOS affected versions not specified Description: The issue is related to an improper SMM communication buffer verification vulnerability. A local malicious user with high...
The vulnerability of the Video components in Microsoft Edge and Google Chrome allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of Microsoft Edge and Google Chrome browser’s Video component is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information b...
SUSE CVE-2009-1375
The PurpleCircBuffer implementation in Pidgin formerly Gaim before 2.5.6 does not properly maintain a certain buffer, which allows remote attackers to cause a denial of service memory corruption and application crash via vectors involving the 1 XMPP or 2 Sametime protocol...
The vulnerability of the Android operating system’s exchange buffer in Samsung mobile devices allows a hacker to gain access to read, modify, or delete files.
The vulnerability of the exchange buffer in Android mobile devices from Samsung is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to gain access to read, modify, or delete files...
PT-2022-6198 · Dell · Dell Alienware M17 R5 Bios
Name of the Vulnerable Software and Affected Versions: Dell Alienware m17 R5 BIOS versions prior to 1.2.2 Description: The issue is related to a buffer access vulnerability in the BIOS software of Dell Alienware m17 R5 laptops. A malicious user with admin privileges could potentially exploit this...
The vulnerability of the U3D components of PDF viewing and editing programs such as Adobe Reader and Adobe Acrobat allows a perpetrator to execute arbitrary code.
The vulnerability of the U3D components in PDF viewing and editing programs such as Adobe Reader and Adobe Acrobat is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
多款 MediaTek 产品缓冲区错误漏洞
MediaTek chips are a variety of chips from MediaTek, a division of China's MediaTek Mediatek. A security vulnerability exists in multiple MediaTek products that stems from a lack of boundary checking in the preloader partitioning, which may result in out-of-bounds writes...
CVE-2022-0847
A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copypagetoiterpipe and pushpipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cach...
The vulnerability of the GetData DBMS, related to the execution of operations outside the buffer in memory, allows an attacker to access confidential data, compromise its integrity, and cause service failures.
The vulnerability of the GetData database management system is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow a remote attacker to access confidential data, compromise its integrity, and cause service failures due to malicious database...
Zephyr 缓冲区错误漏洞
Zephyr is an open source, small, scalable real-time operating system. A security vulnerability exists in Zephyr versions = v1.14.2 and = v2.2.0 that stems from incorrect input frame validation in ieee802154 processing. No detailed vulnerability details are currently available...
Samba 缓冲区错误漏洞
Samba is a set of free software from the Samba team that enables UNIX series operating systems to connect to the SMB/CIFS network protocol of Microsoft Windows operating systems. The program supports sharing printers, transferring data files to each other, and so on. A security vulnerability exis...
CVE-2021-22714
A CWE-119:Improper restriction of operations within the bounds of a memory buffer vulnerability exists in PowerLogic ION7400, PM8000 and ION9000 All versions prior to V3.0.0, which could cause the meter to reboot or allow for remote code execution...
grub2 缓冲区错误漏洞
grub2 is a Linux system boot program from the GNU community. A security vulnerability exists in versions of grub2 prior to 2.06. Setparamprefix in the menu presentation code performs length calculations based on the premise that it takes three characters to represent a single quote with a quotati...
USN-4658-1 linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-hwe-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities
It was discovered that a race condition existed in the binder IPC implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-0423 Daniele Antonioli, Nils Ole...