NVIDIA DGX Spark 缓冲区错误漏洞

The NVIDIA DGX Spark is a personal AI computer from NVIDIA. A buffer error vulnerability exists in NVIDIA DGX Spark GB10, which stems from an unexpected memory buffer operation in the SROOT firmware that could result in data tampering, denial of service, or elevation of privilege...

Siemens SIMATIC Devices Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2024-57948)

In the Linux kernel, the following vulnerability has been resolved: mac802154: check local interfaces before deleting sdata list syzkaller reported a corrupted list in ieee802154ifremove. 1 Remove an IEEE 802.15.4 network interface after unregister an IEEE 802.15.4 hardware device from the system...

Panasonic KW Watcher vulnerable to memory buffer error

Overview KW Watcher provided by Panasonic contains a vulnerability due to improper restriction of operations within the bounds of a memory buffer CWE-119, CVE-2024-4162. Michael Heinzl reported this vulnerability to Panasonic and coordinated. After the coordination was completed, Panasonic report...

Azure RTOS USBX Security Vulnerability

Azure RTOS USBX is a USB host, device, and mobile OTG embedded stack for Azure RTOS open source. Fully integrated with Azure RTOS ThreadX, it is available for all processors that support Azure RTOS ThreadX. A security vulnerability exists in Azure RTOS USBX versions prior to 6.3.0 that stems from...

The vulnerability of the DDP microprogramming software-based wireless access points from D-Link, model DAP-2622, allows a intruder to execute any arbitrary code.

The vulnerability of the DDP microprogramming software used in D-Link DAP-2622 wireless access points lies in the fact that the execution of commands is carried out outside of the buffer in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code...

The vulnerability of the CAPWAP (Control and Provisioning of Wireless Access Points) microprogramming software used in Zyxel’s USG FLEX, USG FLEX 50(W), USG20(W)-VPN, ATP, and VPN devices allows a hacker to cause service interruptions.

The vulnerability of the CAPWAP Control and Provisioning of Wireless Access Points microprogramming software used in Zyxel USG FLEX, USG FLEX 50W, USG20W-VPN, ATP, and VPN devices lies in the fact that the operation data is stored outside of the buffer in memory. Exploiting this vulnerability...

CVE-2023-25755

Screen Creator Advance 2 Ver.0.1.1.4 Build01A and earlier is vulnerable to improper restriction of operations within the bounds of a memory buffer CWE-119 due to improper check of its data size when processing a project file. If a user of Screen Creator Advance 2 opens a specially crafted project...

The vulnerability of the Video components in Microsoft Edge and Google Chrome allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of Microsoft Edge and Google Chrome browser’s Video component is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information b...

The vulnerability of the U3D components of PDF viewing and editing programs such as Adobe Reader and Adobe Acrobat allows a perpetrator to execute arbitrary code.

The vulnerability of the U3D components in PDF viewing and editing programs such as Adobe Reader and Adobe Acrobat is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

The vulnerability of the GetData DBMS, related to the execution of operations outside the buffer in memory, allows an attacker to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the GetData database management system is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow a remote attacker to access confidential data, compromise its integrity, and cause service failures due to malicious database...

CVE-2021-22714

A CWE-119:Improper restriction of operations within the bounds of a memory buffer vulnerability exists in PowerLogic ION7400, PM8000 and ION9000 All versions prior to V3.0.0, which could cause the meter to reboot or allow for remote code execution...

The vulnerability of Moxa EDR-G902, Moxa EDR-G903, and Moxa EDR-810 microprogrammed router software lies in the fact that operations are performed outside the buffer in memory, allowing an intruder to gain unauthorized access to protected information.

The vulnerability of Moxa EDR-G902, Moxa EDR-G903, and Moxa EDR-810 microprogrammed router software lies in the fact that the operation data is written outside the buffer in memory. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected...

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

CVE-2020-0796-PoC winners! Daniel García Gutiérrez @dan...

The vulnerability of the Dirac and Schrodinger codecs in the VideoLAN VLC media player software allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the Dirac and Schrodinger codecs in the VideoLAN VLC media player software lies in the fact that the operation results are stored outside of the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause system failures...