4211 matches found

BDU FSTEC
added 2022/08/17 12:0 a.m. · 3 views

The vulnerability of Intel Wireless Bluetooth and Killer Bluetooth drivers, related to the occurrence of operations outside the buffer in memory, allows an intruder to gain unauthorized access to protected information or cause service failures.

The vulnerability of Intel Wireless Bluetooth and Killer Bluetooth drivers is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information or cause service failures...

5.6 CVSS · 6.3 AI score · 0.00186 EPSS
Exploits 0 · References 2 · Affected Software 17

BDU FSTEC
added 2022/08/15 12:0 a.m. · 4 views

The vulnerability in the web interface for managing microprogrammed wireless router software from Cisco’s Small Business series (RV110W, RV130, RV130W, and RV215W) allows an attacker to execute arbitrary code or cause a service failure.

The vulnerability in the web interface for managing microprogramming software on Cisco Small Business RV110W, RV130, RV130W, and RV215W routers stems from the copying of buffers without checking the size of the input data during the processing of user fields in incoming HTTP packets. Exploiting...

6.5 CVSS · 7.6 AI score · 0.00859 EPSS
Exploits 0 · References 3

BDU FSTEC
added 2022/08/15 12:0 a.m. · 6 views

The vulnerability of the programming software for PLCs (programmable logic controllers), namely EcoStruxure Control Expert, arises from the execution of operations beyond the buffer boundaries in memory. This vulnerability allows a malicious actor to cause system failures.

The vulnerability of the EcoStruxure Control Expert programming tool for programmable logic controllers involves the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to cause a service failure...

7.8 CVSS · 6.3 AI score · 0.00189 EPSS
Exploits 0 · References 2 · Affected Software 1

BDU FSTEC
added 2022/08/15 12:0 a.m. · 4 views

Microsoft Edge browser’s vulnerability, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.

The vulnerability of Microsoft Edge relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10 CVSS · 8.3 AI score · 0.01132 EPSS
Exploits 0 · References 2 · Affected Software 1

BDU FSTEC
added 2022/08/15 12:0 a.m. · 2 views

The vulnerability of the SMB1 protocol implementation in the Samba network communication software allows a perpetrator to induce a service failure.

The vulnerability of the SMB1 protocol implementation in the Samba networking software lies in the fact that the operation values are written outside the buffer in memory during the range checking process. Exploiting this vulnerability allows a malicious actor to cause service failures remotely...

5 CVSS · 6.5 AI score · 0.00999 EPSS
Exploits 0 · References 12 · Affected Software 7

Vulnrichment
added 2022/08/03 7:25 p.m. · 9 views

CVE-2022-35928 AES Crypt for Linux Password Security Vulnerability

AES Crypt is a file encryption software for multiple platforms. AES Crypt for Linux built using the source on GitHub and having the version number 3.11 has a vulnerability with respect to reading user-provided passwords and confirmations via command-line prompts. Password lengths were not checke...

8.4 CVSS · 8.7 AI score · 0.00158 EPSS
Exploits 0 · References 2

BDU FSTEC
added 2022/08/02 12:0 a.m. · 4 views

The vulnerability in Intel NUC’s built-in software arises from an operation that goes beyond the buffer boundaries in memory, allowing attackers to escalate their privileges.

The vulnerability in Intel NUC’s built-in software arises from an operation that occurs outside the buffer boundaries of memory. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.2 CVSS · 6.9 AI score · 0.00228 EPSS
Exploits 0 · References 3

BDU FSTEC
added 2022/08/02 12:0 a.m. · 7 views

The vulnerability of microprogrammed software in Siemens SIMATIC S7-400 and SIMATIC S7-410 programmable logic controllers arises from the possibility of an operation outputting data beyond the buffer boundaries in memory. This vulnerability allows a malicious entity to cause malfunctions during maintenance operations.

The vulnerability of microprogrammed software in Siemens SIMATIC S7-400 and SIMATIC S7-410 programmable logic controllers is related to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause malfunctions by sending special...

7.8 CVSS · 7.5 AI score · 0.00937 EPSS
Exploits 0 · References 3 · Affected Software 2

BDU FSTEC
added 2022/08/02 12:0 a.m. · 5 views

The vulnerability of the CDRRip.dll library in the Corel PhotoPaint Standard graphic design and photo editing software arises from writing beyond the buffer boundaries in memory. This allows an attacker to execute arbitrary code.

The vulnerability of the CDRRip.dll library in the Corel PhotoPaint Standard graphic design and photo editing software is related to reading data outside the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user, usin...

9.3 CVSS · 7.8 AI score · 0.02076 EPSS
Exploits 0 · References 4

BDU FSTEC
added 2022/07/22 12:0 a.m. · 4 views

The vulnerability of the decode_nfs_fh() function in the Linux operating system allows a hacker to increase their privileges and cause a system crash.

The vulnerability of the decode_nfs_fh() function in the Linux operating system arises from the execution of an operation beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to gain elevated privileges and cause the system to crash...

8 CVSS · 6.9 AI score · 0.01598 EPSS
Exploits 0 · References 21 · Affected Software 4

BDU FSTEC
added 2022/07/18 12:0 a.m. · 3 views

The vulnerability of the AppleAVD component in operating systems such as Mac OS, iOS, iPadOS, tvOS, and watchOS allows a hacker to execute arbitrary code.

The vulnerability of the AppleAVD component in operating systems such as Mac OS, iOS, iPadOS, tvOS, and watchOS is related to the operation of writing data beyond the buffer boundaries into memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8 CVSS · 8.1 AI score · 0.12642 EPSS
Exploits 0 · References 9 · Affected Software 5

Positive Technologies
added 2022/07/17 12:0 a.m. · 6 views

PT-2023-15909 · Facebook +10 · Zstd +9

Name of the Vulnerable Software and Affected Versions: zstd version 1.4.10; MySQL Server versions 8.0.33 and earlier. Description: A vulnerability was found where an attacker can supply an empty string as an argument to the command line tool to cause buffer overrun. This issue can be exploited by a...

9.8 CVSS · 6.1 AI score · 0.78483 EPSS
Exploits 10 · References 660

BDU FSTEC
added 2022/07/15 12:0 a.m. · 5 views

The vulnerabilities of the microprogramming software for the OPC UA Modicon Communication Module (BMENUA0100) and the X80 advanced RTU Communication Module (BMENOR2200H) allow attackers to cause service interruptions.

The vulnerability of the microprogramming software for the OPC UA Modicon Communication Module BMENUA0100 and the X80 advanced RTU Communication Module BMENOR2200H lies in the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to cause servic...

5.9 CVSS · 7.6 AI score · 0.0059 EPSS
Exploits 0 · References 2 · Affected Software 1

Positive Technologies
added 2022/07/15 12:0 a.m. · 6 views

PT-2022-4970 · Aes Crypt · Aescrypt

Name of the Vulnerable Software and Affected Versions: AES Crypt version 3.11. Description: The issue is related to reading user-provided passwords and confirmations via command-line prompts in AES Crypt for Linux. Password lengths were not checked before being read, which may lead to buffer...

9 CVSS · 5.6 AI score · 0.00158 EPSS
Exploits 0 · References 8

Positive Technologies
added 2022/07/13 12:0 a.m. · 3 views

PT-2022-6615 · Pdf Xchange · Pdf-Xchange Editor

Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor, affected versions not specified. Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a...

7.8 CVSS · 7.4 AI score · 0.00571 EPSS
Exploits 0 · References 8

Positive Technologies
added 2022/07/13 12:0 a.m. · 2 views

PT-2022-6624 · Pdf Xchange · Pdf-Xchange Editor

Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor, affected versions not specified. Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a...

7.8 CVSS · 7.4 AI score · 0.00571 EPSS
Exploits 0 · References 7

Tenable Nessus
added 2022/07/11 12:0 a.m. · 28 views

CentOS 8 : ruby:2.6 (CESA-2022:5338)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2022:5338 advisory. - Ruby: Buffer overrun in String-to-Float conversion (CVE-2022-28739). Note that Nessus has not tested for this issue but has instead relied only on the...

7.5 CVSS · 7.2 AI score · 0.0387 EPSS
Exploits 0 · References 2

Positive Technologies
added 2022/07/08 12:0 a.m. · 3 views

PT-2022-24287 · Systemd +9 · Systemd +9

Name of the Vulnerable Software and Affected Versions: Systemd, affected versions not specified. Description: An off-by-one error was discovered in the format_timespan function of time-util.c. An attacker could supply specific values for time and accuracy that lead to a buffer overrun in form...

7.8 CVSS · 6.4 AI score · 0.0865 EPSS
Exploits 8 · References 81

OSV
added 2022/07/07 8:22 a.m. · 3 views

CLSA-2022-1657182150 Fix CVE(s): CVE-2022-2129, CVE-2022-2124, CVE-2022-2125, CVE-2022-2126, CVE-2022-1720

SECURITY UPDATE: Reading past end of line with "gf" in Visual block mode
- debian/patches/CVE-2022-1720.patch: Do not include the NUL in the length
- CVE-2022-1720
SECURITY UPDATE: Searching for quotes may go over the end of the line
- debian/patches/CVE-2022-2124.patch: Check for running into th...

7.8 CVSS · 7.3 AI score · 0.02098 EPSS
Exploits 5 · References 1

OpenVAS
added 2022/07/07 12:0 a.m. · 18 views

openSUSE: Security Advisory for liblouis (SUSE-SU-2022:2298-1)

The remote host is missing an update for the...

7.8 CVSS · 6.7 AI score · 0.01451 EPSS
Exploits 2 · References 2