CVE-2025-55286

z2d is a pure Zig 2D graphics library. z2d v0.7.0 released with a new multi-sample anti-aliasing MSAA method, which uses a new buffering mechanism for storing coverage data. This differs from the standard alpha mask surface used for the previous super-sample anti-aliasing SSAA method. Under certa...

CVE-2025-55286 z2d OOB drawing with new multi-sample anti-aliasing could lead to invalid memory access and corruption

z2d is a pure Zig 2D graphics library. z2d v0.7.0 released with a new multi-sample anti-aliasing MSAA method, which uses a new buffering mechanism for storing coverage data. This differs from the standard alpha mask surface used for the previous super-sample anti-aliasing SSAA method. Under certa...

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Adobe Acrobat

技术文章存档 ------ Paper list： Talking About Exploit Writing Bypassing AntiVirus Detection for Malicious PDFs MBR病毒分析 使用bochs调试MBR 基于MBR的系统登录密码验证程序 PDF文件格式分析 恶意PDF文件解析思路 Win 7下定位kernel32.dll基址及shellcode编写 CVE-2009-0658漏洞分析 Firefox vulnerabilityCVE-2011-0065 Bypassing DEP CVE-2009-4324漏洞分析 Flash XSS漏洞挖...

The vulnerability of the i801_check_post() function in the drivers/i2c/buses/i2c-i801.c module of the Linux kernel allows a attacker to access protected information or cause service failures.

The vulnerability of the i801checkpost function in the drivers/i2c/buses/i2c-i801.c module of the Linux kernel is related to reading beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to access protected information or cause service failures...

CVE-2023-25755

Screen Creator Advance 2 Ver.0.1.1.4 Build01A and earlier is vulnerable to improper restriction of operations within the bounds of a memory buffer CWE-119 due to improper check of its data size when processing a project file. If a user of Screen Creator Advance 2 opens a specially crafted project...

CVE-2023-34100

Contiki-NG is an open-source, cross-platform operating system for IoT devices. When reading the TCP MSS option value from an incoming packet, the Contiki-NG OS does not verify that certain buffer indices to read from are within the bounds of the IPv6 packet buffer, uipbuf. In particular, there is...

CVE-2022-46396

An issue was discovered in the Arm Mali Kernel Driver. A non-privileged user can make improper GPU memory processing operations to access a limited amount outside of buffer bounds. This affects Valhall r29p0 through r41p0 before r42p0 and Avalon r41p0 before r42p0...

CVE-2021-22761

A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists inIGSS Definition Def.exe V15.0.0.21140 and prior that could result in disclosure of information or remote code e+F15xecution due to missing length check on user supplied data, when a malicious...

kernel: nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu()

An unchecked buffer bounds flaw was found in the Linux kernel's NVMe TCP Fabrics driver. An attacker with the ability to send a crafted packet to an affected NVMe host could exploit this flaw to alter kernel memory, leading to an escalation of privileges or a compromise of system integrity or...

The vulnerability of the Adobe Framemaker desktop publishing system arises from the possibility of an operation going beyond the buffer boundaries in memory. This allows a hacker to bypass the ASLR protection mechanism and gain unauthorized access to protected information.

The vulnerability of the Adobe Framemaker desktop publishing system lies in the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to bypass the ASLR protection mechanism and gain unauthorized access to protected information...

The vulnerability of the n_gsm component in the Linux operating system’s kernel allows a hacker to execute arbitrary code.

The vulnerability of the ngsm component in the Linux operating system’s kernel is related to writing beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

The vulnerability of the vduse_dev_ioctl() function in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the vdusedevioctl function in the drivers/vdpa/vdpauser/vdusedev.c file of the Linux kernel is related to memory allocation beyond the bounds of the allocated buffer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...

CVE-2024-8937

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause a potential arbitrary code execution after a successful Man-In-The Middle attack followed by sending a crafted Modbus function call to tamper with memory area involved in the...

The vulnerability of the nvme_fdp_events() function in the NVMe emulator virtual device of the QEMU hardware infrastructure allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the nvmefdpevents function in the NVMe emulator virtual device of the QEMU hardware infrastructure is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of the `of_irq_parse_one()` function in the Linux operating system allows a attacker to compromise the confidentiality and accessibility of the protected information.

The vulnerability of the ofirqparseone function in the Linux operating system is related to reading memory beyond the bounds of the allocated buffer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and accessibility of the protected information...

The vulnerability of the Storage Port Driver driver for Windows operating systems, which allows attackers to increase their privileges

The vulnerability of the Storage Port Driver driver for Windows operating systems is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain increased privileges...

The vulnerability of the `cv::HdrDecoder::checkSignature` function in the `imgcodecs/src/grfmt_hdr.cpp` component of the OpenCV computer vision library, related to reading beyond the allowed data buffer boundaries, allows a malicious actor to cause service failures.

The vulnerability of the cv::HdrDecoder::checkSignature function in the imgcodecs/src/grfmthdr.cpp component of the OpenCV computer vision library is related to reading data beyond the allowed buffer limits. Exploiting this vulnerability could allow an attacker to cause service failures...

CVE-2024-45166

UCI IDOL 2 (IDOL2/uciIDOL) up to version 2.12 is affected by a vulnerability caused by improper input validation, improper deserialization, and improper restriction of memory buffer operations. The issue can lead to Denial-of-Service and possibly remote code execution, with an access violation an...

CVE-2024-45169

An issue was discovered in UCI IDOL 2 aka uciIDOL or IDOL2 through 2.12. Due to improper input validation, improper deserialization, and improper restriction of operations within the bounds of a memory buffer, IDOL2 is vulnerable to Denial-of-Service DoS attacks and possibly remote code execution...

Improper Restriction of Operations within the Bounds of a Memory Buffer and Race Condition in crossbeam-utils

...