CVE-2023-34292

Ashlar-Vellum Cobalt Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a maliciou...

CVE-2023-34286

Ashlar-Vellum Cobalt CO File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must...

CVE-2023-38087 Kofax Power PDF clearTimeOut Out-Of-Bounds Write Remote Code Execution Vulnerability

Kofax Power PDF clearTimeOut Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a...

CVE-2023-32154 Mikrotik RouterOS RADVD Out-Of-Bounds Write Remote Code Execution Vulnerability

Mikrotik RouterOS RADVD Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Mikrotik RouterOS. Authentication is not required to exploit this vulnerability. The specific flaw exists...

DEBIAN-CVE-2024-26685

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential bug in endbufferasyncwrite According to a syzbot report, endbufferasyncwrite, which handles the completion of block device writes, may detect abnormal condition of the buffer asyncwrite flag and cause a BUGO...

UBUNTU-CVE-2024-26685

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential bug in endbufferasyncwrite According to a syzbot report, endbufferasyncwrite, which handles the completion of block device writes, may detect abnormal condition of the buffer asyncwrite flag and cause a BUGO...

CVE-2024-28123

Wasmi is an efficient and lightweight WebAssembly interpreter with a focus on constrained and embedded systems. In the WASMI Interpreter, an Out-of-bounds Buffer Write will arise if the host calls or resumes a Wasm function with more parameters than the default limit 128, as it will surpass the...

WebAssembly 缓冲区错误漏洞

WebAssembly is a binary instruction format for stack-based virtual machines from WebAssembly. A security vulnerability exists in WebAssembly versions prior to 0.31.1 that stems from an out-of-bounds buffer write if the host calls or restores more parameters than the default limit 128 for Wasm...

CVE-2021-47114

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix data corruption by fallocate When fallocate punches holes out of inode size, if original isize is in the middle of last cluster, then the part from isize to the end of the cluster will be zeroed with buffer write, at...

Out-of-bounds

Wasmi is an efficient and lightweight WebAssembly interpreter with a focus on constrained and embedded systems. In the WASMI Interpreter, an Out-of-bounds Buffer Write will arise if the host calls or resumes a Wasm function with more parameters than the default limit 128, as it will surpass the...

NI LabVIEW VI File Parsing Out-of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NI LabVIEW. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of VI files...

CVE-2024-28123

The CVE-2024-28123 issue affects Wasmi, a WebAssembly interpreter. The root cause is an out-of-bounds buffer write when the host calls or resumes a Wasm function with more than 128 parameters, causing stack overflow for host-to-Wasm calls (not for Wasm-to-Wasm). This vulnerability is addressed by...

CVE-2024-28123 Wasmi Out-of-bounds Write for host to Wasm calls with more than 128 Parameters

Wasmi is an efficient and lightweight WebAssembly interpreter with a focus on constrained and embedded systems. In the WASMI Interpreter, an Out-of-bounds Buffer Write will arise if the host calls or resumes a Wasm function with more parameters than the default limit 128, as it will surpass the...

GHSA-75JP-VQ8X-H4CQ Wasmi Out-of-bounds Write for host to Wasm calls with more than 128 Parameters

Summary In the WASMI Interpreter, an Out-of-bounds Buffer Write will arise arise if the host calls or resumes a Wasm function with more parameters than the default limit 128, as it will surpass the stack value. This doesn’t affect calls from Wasm to Wasm, only from host to Wasm. Impact After...

Wasmi Out-of-bounds Write for host to Wasm calls with more than 128 Parameters

Summary In the WASMI Interpreter, an Out-of-bounds Buffer Write will arise arise if the host calls or resumes a Wasm function with more parameters than the default limit 128, as it will surpass the stack value. This doesn’t affect calls from Wasm to Wasm, only from host to Wasm. Impact After...

Autodesk Design Review Multiple Vulnerabilities (adsk-sa-2021-0003)

The version of Autodesk Design Review installed on the remote Windows host is a version prior to 2018 hotfix 4. It is, therefore, affected by multiple vulnerabilities. - A heap-based buffer overflow could occur while parsing PICT, PCX, RCL or TIFF files in Autodesk Design Review 2018, 2017, 2013,...

CVE-2024-22920

swftools 0.9.2 was discovered to contain a heap-use-after-free via the function bufferWriteData in swftools/lib/action/compile.c...

PT-2024-2691 · Siemens · Tecnomatix Plant Simulation

Name of the Vulnerable Software and Affected Versions: Tecnomatix Plant Simulation versions V2201 through V2302.0006 Description: The issue is related to an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute...

SUSE-SU-2023:4597-1 Security update for gstreamer-plugins-bad

This update for gstreamer-plugins-bad fixes the following issues: - CVE-2023-40474: Fixed integer overflow causing out of bounds writes when handling invalid uncompressed video bsc1215796. - CVE-2023-40476: Fixed possible overflow using maxsublayersminus1 bsc1215793...

CVE-2023-45678

stbvorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of buffer write in startdecoder because at maximum m-submaps can be 16 but submapfloor and submapresidue are declared as arrays of 15 elements. This issue may lead to code execution...