EUVD-2024-22321

Malicious code in bioql PyPI...

CVE-2024-11345

A heap-based memory vulnerability has been identified in the Postscript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code...

CVE-2024-11345 Heap-based memory vulnerability in the Postscript interpreter in various Lexmark devices

A heap-based memory vulnerability has been identified in the Postscript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code...

CVE-2024-24959

Several out-of-bounds write vulnerabilities exist in the Programming Software Connection FileSystem API functionality of AutomationDirect P3-550E 1.2.10.9. Specially crafted network packets can lead to heap-based memory corruption. An attacker can send malicious packets to trigger these...

CVE-2024-24957

Several out-of-bounds write vulnerabilities exist in the Programming Software Connection FileSystem API functionality of AutomationDirect P3-550E 1.2.10.9. Specially crafted network packets can lead to heap-based memory corruption. An attacker can send malicious packets to trigger these...

CVE-2024-24956

Several out-of-bounds write vulnerabilities exist in the Programming Software Connection FileSystem API functionality of AutomationDirect P3-550E 1.2.10.9. Specially crafted network packets can lead to heap-based memory corruption. An attacker can send malicious packets to trigger these...

CVE-2024-24956

Several out-of-bounds write vulnerabilities exist in the Programming Software Connection FileSystem API functionality of AutomationDirect P3-550E 1.2.10.9. Specially crafted network packets can lead to heap-based memory corruption. An attacker can send malicious packets to trigger these...

CVE-2024-24958

Several out-of-bounds write vulnerabilities exist in the Programming Software Connection FileSystem API functionality of AutomationDirect P3-550E 1.2.10.9. Specially crafted network packets can lead to heap-based memory corruption. An attacker can send malicious packets to trigger these...

CVE-2024-24954

Several out-of-bounds write vulnerabilities exist in the Programming Software Connection FileSystem API functionality of AutomationDirect P3-550E 1.2.10.9. Specially crafted network packets can lead to heap-based memory corruption. An attacker can send malicious packets to trigger these...

CVE-2024-24957

Several out-of-bounds write vulnerabilities exist in the Programming Software Connection FileSystem API functionality of AutomationDirect P3-550E 1.2.10.9. Specially crafted network packets can lead to heap-based memory corruption. An attacker can send malicious packets to trigger these...

Git Users Urged to Update Software to Prevent Remote Code Execution Attacks

The maintainers of the Git source code version control system have released updates to remediate two critical vulnerabilities that could be exploited by a malicious actor to achieve remote code execution. The flaws, tracked as CVE-2022-23521 and CVE-2022-41903, impacts the following versions of...

Buffer Overflow

chromium is vulnerable to heap-based buffer overflow. The vulnerability exists in malloc due to the allocated in the heap portion of memory which allows an attacker to cause memory corruption...

Arbitrary Code Execution

chromium is vulnerable to arbitrary code execution. A use after free flaw in the audio component allows an attacker to exploit a heap-based memory corruption using a malicious HTML page...

Arbitrary Code Execution

chromium is vulnerable to arbitrary code execution. A use after free flaw in the audio component allows an attacker to exploit a heap-based memory corruption using a malicious HTML page...

Arbitrary Code Execution

chromium is vulnerable to arbitrary code execution. An insecure implementation in the V8 component allows an attacker to exploit a heap-based memory corruption using a malicious HTML page...

CVE-2020-13545

An exploitable signed conversion vulnerability exists in the TextMaker document parsing functionality of SoftMaker Office 2021’s TextMaker application. A specially crafted document can cause the document parser to miscalculate a length used to allocate a buffer, later upon usage of this buffer th...

CVE-2020-13545

An exploitable signed conversion vulnerability exists in the TextMaker document parsing functionality of SoftMaker Office 2021’s TextMaker application. A specially crafted document can cause the document parser to miscalculate a length used to allocate a buffer, later upon usage of this buffer th...

CVE-2020-13545

CVE-2020-13545 affects SoftMaker Office TextMaker 2021. The TALOS analysis details a signed/unsigned conversion issue in TextMaker’s document parsing that can cause heap-based memory corruption when loading a crafted TextMaker Document (.tmd). The root cause involves miscalculation of a length us...

SoftMaker Office TextMaker Document Record 0x003f integer conversion vulnerability

Summary An exploitable signed conversion vulnerability exists in the TextMaker document parsing functionality of SoftMaker Office 2021’s TextMaker application. A specially crafted document can cause the document parser to miscalculate a length used to allocate a buffer, later upon usage of this...

Adobe Acrobat Reader DC - Heap-Based Memory Corruption due to Malformed TTF Font

Adobe Acrobat Reader DC - Heap-Based Memory Corruption due to Malformed TTF Font We have observed the following access violation exception in the latest version of Adobe Acrobat Reader DC for Windows, when opening a malformed PDF file: --- cut --- First chance exceptions are reported before any...