20 matches found
CVE-2020-7560
A CWE-123: Write-what-where Condition vulnerability exists in EcoStruxure™ Control Expert all versions and Unity Pro former name of EcoStruxure™ Control Expert all versions, that could cause a crash of the software or unexpected code execution when opening a malicious file in EcoStruxure™ Control...
EUVD-2020-28685
Malware in sbrugna...
CVE-2024-45142 Substance3D - Stager | Write-what-where Condition (CWE-123)
Substance3D - Stager versions 3.0.3 and earlier are affected by a Write-what-where Condition vulnerability that could allow an attacker to execute arbitrary code in the context of the current user. This vulnerability allows an attacker to write a controlled value to an arbitrary memory location,...
OpenImageIO RLE encoded BMP image out-of-bounds write vulnerability
Talos Vulnerability Report TALOS-2022-1630 OpenImageIO RLE encoded BMP image out-of-bounds write vulnerability December 22, 2022 CVE Number CVE-2022-38143 SUMMARY A heap out-of-bounds write vulnerability exists in the way OpenImageIO v2.3.19.0 processes RLE encoded BMP images. A specially-crafted...
Design/Logic Flaw
A CWE-123: Write-what-where Condition vulnerability exists in EcoStruxure™ Control Expert all versions and Unity Pro former name of EcoStruxure™ Control Expert all versions, that could cause a crash of the software or unexpected code execution when opening a malicious file in EcoStruxure™ Control...
CVE-2020-7560
CVE-2020-7560 affects Schneider Electric EcoStruxure Control Expert (and Unity Pro) across all versions. A CWE-123 Write-what-where flaw in APX/STA file parsing allows crafted APX data to overflow/overwrite heap memory via a manipulated RTE_offset and RTE_length, enabling arbitrary writes through...
Schneider Electric EcoStruxure Control Expert APX project file processing code execution vulnerability
Summary A local code execution vulnerability exists in the APX project file processing functionality of Schneider Electric EcoStruxure Control Expert 14.1. The opening of a STA project archive containing a specially crafted APX project file can lead to code execution. An attacker can provide a...
Important: Red Hat Security Advisory: rh-ruby22-ruby security, bug fix, and enhancement update
An update for rh-ruby22-ruby is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...
Apple GarageBand Out of Bounds Write Code Execution Vulnerability
Summary An exploitable out of bounds write vulnerability exists in the parsing of saved files in Apple’s GarageBand version 10.1.4. A specially crafted project file can cause an out of bounds write resulting in an exploitable condition. An attacker can deliver a project file via other means to...
KL-001-2015-004 : XGI Windows VGA Display Manager Arbitrary Write Privilege Escalation
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 KL-001-2015-004 : XGI Windows VGA Display Manager Arbitrary Write Privilege Escalation Title: XGI Windows VGA Display Manager Arbitrary Write Privilege Escalation Advisory ID: KL-001-2015-004 Publication Date: 2015.09.01 Publication URL:...
VBox Satellite Express Arbitrary Write Privilege Escalation
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 KL-001-2015-005 : VBox Satellite Express Arbitrary Write Privilege Escalation Title: VBox Satellite Express Arbitrary Write Privilege Escalation Advisory ID: KL-001-2015-005 Publication Date: 2015.09.16 Publication URL:...
VBox Satellite Express 2.3.17.3 - Arbitrary Write Vulnerability
A vulnerability within the ndvbs module allows an attacker to inject memory they control into an arbitrary location they define. This vulnerability can be used to overwrite function pointers in HalDispatchTable resulting in an elevation of privilege. suffers from code execution, and local file...
VBox Satellite Express 2.3.17.3 - Arbitrary Write
VBox Satellite Express 2.3.17.3 - Arbitrary Write KL-001-2015-005 : VBox Satellite Express Arbitrary Write Privilege Escalation Title: VBox Satellite Express Arbitrary Write Privilege Escalation Advisory ID: KL-001-2015-005 Publication Date: 2015.09.16 Publication URL:...
XGI Windows VGA Display Manager 6.14.10.1090 - Arbitrary Write (PoC)
KL-001-2015-004 : XGI Windows VGA Display Manager Arbitrary Write Privilege Escalation Title: XGI Windows VGA Display Manager Arbitrary Write Privilege Escalation Advisory ID: KL-001-2015-004 Publication Date: 2015.09.01 Publication URL:...
Microsoft XP SP3 MQAC.sys - Arbitrary Write Privilege Escalation
No description provided by source. Title: Microsoft XP SP3 MQAC.sys Arbitrary Write Privilege Escalation Advisory ID: KL-001-2014-003 Publication Date: 2014.07.18 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2014-003.txt 1. Vulnerability Details Affected Vendor: Microsof...
Microsoft XP SP3 BthPan.sys - Arbitrary Write Privilege Escalation
Exploit for windows platform in category local exploits """ Title: Microsoft XP SP3 BthPan.sys Arbitrary Write Privilege Escalation Advisory ID: KL-001-2014-002 Publication Date: 2014-07-18 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2014-002.txt 1. Vulnerability Detail...
KL-001-2014-001 : Oracle VirtualBox Guest Additions Arbitrary Write Privilege Escalation
Title: Oracle VirtualBox Guest Additions Arbitrary Write Privilege Escalation Advisory ID: KL-001-2014-001 Publication Date: 07.15.2014 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2014-001.txt 1. Vulnerability Details Affected Vendor: Oracle Affected Product: VirtualBox...
Microsoft XP SP3 MQAC.sys Arbitrary Write Privilege Escalation
Title: Microsoft XP SP3 MQAC.sys Arbitrary Write Privilege Escalation Advisory ID: KL-001-2014-003 Publication Date: 2014.07.18 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2014-003.txt 1. Vulnerability Details Affected Vendor: Microsoft Affected Product: MQ Access Contr...
Microsoft Windows XP SP3 - 'MQAC.sys' Arbitrary Write Privilege Escalation
Title: Microsoft XP SP3 MQAC.sys Arbitrary Write Privilege Escalation Advisory ID: KL-001-2014-003 Publication Date: 2014.07.18 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2014-003.txt 1. Vulnerability Details Affected Vendor: Microsoft Affected Product: MQ Access Contr...
Oracle VirtualBox Guest Additions Arbitrary Write Privilege Escalation
Title: Oracle VirtualBox Guest Additions Arbitrary Write Privilege Escalation Advisory ID: KL-001-2014-001 Publication Date: 07.15.2014 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2014-001.txt 1. Vulnerability Details Affected Vendor: Oracle Affected Product: VirtualBox...