14 matches found
EUVD-2025-5568
Malicious code in bioql PyPI...
CVE-2025-9389 vim memmove-vec-unaligned-erms.S __memmove_avx_unaligned_erms memory corruption
A vulnerability was identified in vim 9.1.0000. Affected is the function memmoveavxunalignederms of the file memmove-vec-unaligned-erms.S. The manipulation leads to memory corruption. The attack needs to be performed locally. The exploit is publicly available and might be used. Some users are not...
VulnCheck KEV: CVE-2025-0288
Various Paragon Software products contain an arbitrary kernel memory vulnerability within biontdrv.sys, facilitated by the memmove function, which does not validate or sanitize user controlled input, allowing an attacker the ability to write arbitrary kernel memory and perform privilege escalatio...
CVE-2025-0288
Various Paragon Software products contain an arbitrary kernel memory vulnerability within biontdrv.sys, facilitated by the memmove function, which does not validate or sanitize user controlled input, allowing an attacker the ability to write arbitrary kernel memory and perform privilege escalatio...
CVE-2025-0288
Various Paragon Software products contain an arbitrary kernel memory vulnerability within biontdrv.sys, facilitated by the memmove function, which does not validate or sanitize user controlled input, allowing an attacker the ability to write arbitrary kernel memory and perform privilege escalatio...
CVE-2025-0288 CVE-2025-0288
Various Paragon Software products contain an arbitrary kernel memory vulnerability within biontdrv.sys, facilitated by the memmove function, which does not validate or sanitize user controlled input, allowing an attacker the ability to write arbitrary kernel memory and perform privilege escalatio...
GPAC 安全漏洞
GPAC is an open source multimedia framework. a security vulnerability exists in GPAC, which stems from a binary MP4Box in GPAC v1.0.1 that was found to contain a segmentation error via the function memmove avx unaligned erms. An attacker could exploit this vulnerability to cause a denial of servi...
CVE-2017-10720
Recently it was discovered as a part of the research on IoT devices in the most recent firmware for Shekar Endoscope that the desktop application used to connect to the device suffers from a stack overflow if more than 26 characters are passed to it as the Wi-Fi name. This application is installe...
Stack overflow
Recently it was discovered as a part of the research on IoT devices in the most recent firmware for Shekar Endoscope that the desktop application used to connect to the device suffers from a stack overflow if more than 26 characters are passed to it as the Wi-Fi password. This application is...
CVE-2017-10720
Recently it was discovered as a part of the research on IoT devices in the most recent firmware for Shekar Endoscope that the desktop application used to connect to the device suffers from a stack overflow if more than 26 characters are passed to it as the Wi-Fi name. This application is installe...
CVE-2017-10722
CVE-2017-10722 concerns a stack overflow in the Shekar Endoscope’s desktop controller when a Wi‑Fi password longer than 26 characters is processed. The vulnerable path involves the avilib.dll routine that handles a change-password action via sendchangepass, with the input length contributing to a...
CVE-2018-14780
An out-of-bounds read issue was discovered in the Yubico-Piv 1.5.0 smartcard driver. The file lib/ykpiv.c contains the following code in the function ykpivfetchobject: % highlight c % ifsw == SWSUCCESS sizet outlen; int offs = ykpivgetlengthdata + 1, &outlen; ifoffs == 0 return YKPIVSIZEERROR;...
OCaml: Buffer overflow and information disclosure
Background OCaml is a high-level, strongly-typed, functional, and object-oriented programming language from the ML family of languages. Description It was discovered that OCaml was vulnerable to a runtime bug that, on 64-bit platforms, causes size arguments to internal memmove calls to be...
Integer overflow
Integer overflow in eXtremail 2.1.1 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long USER command containing "%s" sequences to the pop3 port 110/tcp, which are expanded to "%%s" before being used in the memmove function, possibly du...