MediaTek 芯片 输入验证错误漏洞

MediaTek chips are a variety of chips from MediaTek, a Chinese company MediaTek. A security vulnerability exists in the ril module of the MediaTek chips, which is caused by a lack of boundary checking and may allow out-of-bounds reads...

PT-2023-13819 · Qualcomm · Snapdragon +68

Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: The issue is related to a transient Denial of Service DOS caused by a buffer over-read in the WLAN component when sending a packet to a device. Recommendations: At the moment, there is ...

The vulnerability of the Adobe Bridge file manager, related to reading beyond the buffer in memory, allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the Adobe Bridge file manager is related to reading beyond the buffer boundary in memory during syntax analysis of embedded fonts. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially created malicious fi...

The vulnerability of the CryptParameterDecryption function in the microprogramming software of the Trusted Platform Module (TPM) allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the CryptParameterDecryption function in the microprogramming system of the Trusted Platform Module TPM processor lies in the reading of data outside the buffer in memory. Exploiting this vulnerability can allow an intruder to gain unauthorized access to the protected...

JTEKT Kostac PLC Programming Software 缓冲区错误漏洞

JTEKT Kostac PLC Programming Software is a PLC programmer software for personal computers from JTEKT Japan. A security vulnerability exists in JTEKT Kostac PLC Programming Software version 1.6.9.0 and prior versions, which originates from an out-of-bounds read due to an insufficient buffer size f...

The vulnerability of the monitoring tool for video card performance, Micro-Star MSI Afterburner, relates to reading beyond the memory boundary in the buffer. This allows a malicious actor to elevate privileges, execute arbitrary code with high privileges, and disclose sensitive information.

The vulnerability of the monitoring tool for video card performance, Micro-Star MSI Afterburner, relates to reading beyond the memory boundary in the buffer. Exploiting this vulnerability can allow an attacker to gain elevated privileges, execute arbitrary code with high privileges, and disclose...

Debian: Security Advisory (DLA-3345-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE CVE-2023-26253

In Gluster GlusterFS 11.0, there is an xlators/mount/fuse/src/fuse-bridge.c notify stack-based buffer over-read...

DEBIAN-CVE-2023-26253

In Gluster GlusterFS 11.0, there is an xlators/mount/fuse/src/fuse-bridge.c notify stack-based buffer over-read...

UBUNTU-CVE-2023-26253

In Gluster GlusterFS 11.0, there is an xlators/mount/fuse/src/fuse-bridge.c notify stack-based buffer over-read...

The vulnerability of AMD’s microprogrammed security processor BIOS, related to the execution of operations beyond the buffer in memory, allows attackers to disclose sensitive information that is protected by the system’s security measures.

The vulnerability of AMD’s microprogrammed security processor BIOS systems lies in the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to disclose protected information...

CVE-2023-0567

A vulnerability was found in PHP. This security flaw occurs when malformatted BCrypt hashes that include a $ within their salt part trigger a buffer overread and may erroneously validate any password as valid...

SUSE CVE-2003-0544

OpenSSL 0.9.6 and 0.9.7 does not properly track the number of characters in certain ASN.1 inputs, which allows remote attackers to cause a denial of service crash via an SSL client certificate that causes OpenSSL to read past the end of a buffer when the long form is used...

SUSE CVE-2006-4020

scanf.c in PHP 5.1.4 and earlier, and 4.4.3 and earlier, allows context-dependent attackers to execute arbitrary code via a sscanf PHP function call that performs argument swapping, which increments an index past the end of an array and triggers a buffer over-read...

SUSE CVE-2007-1380

The phpbinary serialization handler in the session extension in PHP before 4.4.5, and 5.x before 5.2.1, allows context-dependent attackers to obtain sensitive information memory contents via a serialized variable entry with a large length value, which triggers a buffer over-read...

SUSE CVE-2007-2052

Off-by-one error in the PyLocalestrxfrm function in Modules/localemodule.c for Python 2.4 and 2.5 causes an incorrect buffer size to be used for the strxfrm function, which allows context-dependent attackers to read portions of memory via unknown manipulations that trigger a buffer over-read due ...

SUSE CVE-2008-0227

yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allows remote attackers to cause a denial of service crash via a Hello packet containing a large size value, which triggers a buffer over-read in the HASHwithTransform::Update function in hash.cpp...

SUSE CVE-2008-1372

bzlib.c in bzip2 before 1.0.5 allows user-assisted remote attackers to cause a denial of service crash via a crafted file that triggers a buffer over-read, as demonstrated by the PROTOS GENOME test suite for Archive Formats...

SUSE CVE-2008-1836

The rfc2231 function in message.c in libclamav in ClamAV before 0.93 allows remote attackers to cause a denial of service crash via a crafted message that produces a string that is not null terminated, which triggers a buffer over-read...

SUSE CVE-2008-3145

The fragmentaddwork function in epan/reassemble.c in Wireshark 0.8.19 through 1.0.1 allows remote attackers to cause a denial of service crash via a series of fragmented packets with non-sequential fragmentation offset values, which lead to a buffer over-read...