45 matches found
CISA urges urgent patching of two actively exploited Citrix NetScaler vulnerabilities
The Cybersecurity and Infrastructure Security Agency CISA has added two Citrix NetScaler vulnerabilities to its Known Exploited Vulnerabilities catalog, and it has set the “due date” a week after they were added. Federal Civilian Executive Branch FCEB agencies are handed specific deadlines for wh...
CVE-2023-6549
Improper Restriction of Operations within the Bounds of a Memory Buffer in NetScaler ADC and NetScaler Gateway allows Unauthenticated Denial of Service and Out-Of-Bounds Memory Read...
CVE-2023-6334
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in HYPR Workforce Access on Windows allows Overflow Buffers.This issue affects Workforce Access: before 8.7...
Siemens InsydeH2O Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2021-33627)
An issue was discovered in Insyde InsydeH2O 5.x, affecting FwBlockServiceSmm. Software SMI services that use the Communicate function of the EFISMMCOMMUNICATIONPROTOCOL do not check whether the address of the buffer is valid, which allows use of SMRAM, MMIO, or OS kernel addresses Insyde BIOS is...
Siemens InsydeH2O Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2021-41839)
An issue was discovered in NvmExpressDxe in the kernel 5.0 through 5.5 in Insyde InsydeH2O. Because of an Untrusted Pointer Dereference that causes SMM memory corruption, an attacker may be able to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges...
SUSE-SU-2023:2782-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-35828: Fixed a use-after-free flaw inside renesasusb3remove in drivers/usb/gadget/udc/renesasusb3.c bsc1212513. - CVE-2023-35823: Fixed a...
CVE-2022-47393
An authenticated, remote attacker may use a Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple versions of multiple CODESYS products to force a denial-of-service situation...
CVE-2023-28410
Improper restriction of operations within the bounds of a memory buffer in some IntelR i915 Graphics drivers for linux before kernel version 6.2.10 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2023-28410
Improper restriction of operations within the bounds of a memory buffer in some IntelR i915 Graphics drivers for linux before kernel version 6.2.10 may allow an authenticated user to potentially enable escalation of privilege via local access...
hw: Intel: Improper restriction in memory buffer in graphics drivers cause escalation of privilege
A flaw has been identified in the Linux kernel i915 graphics driver that improperly restricts operations within the bounds of a memory buffer. This issue could allow a local user to crash the system or potentially escalate their privileges on the system...
CVE-2022-27625
A vulnerability regarding improper restriction of operations within the bounds of a memory buffer is found in the message processing functionality of Out-of-Band OOB Management. This allows remote attackers to execute arbitrary commands via unspecified vectors. The following models with Synology...
CVE-2022-37302
CVE-2022-37302 affects Schneider Electric EcoStruxure Control Expert (formerly Unity Pro) and is described as CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer. The vulnerability can cause the Control Expert software to crash when opening an incorrect project file, ...
Django vulnerable to Improper Restriction of Operations within the Bounds of a Memory Buffer
The getimagedimensions function in the image-handling functionality in Django before 1.3.2 and 1.4.x before 1.4.1 uses a constant chunk size in all attempts to determine dimensions, which allows remote attackers to cause a denial of service process or thread consumption via a large TIFF image...
Hitachi Energy e-mesh EMS
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: e-mesh EMS Vulnerabilities: Improper Restriction of Operations Within the Bounds of a Memory Buffer, Use After Free, Uncontrolled Resource Consumption 2. RISK EVALUATION...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
Usage Make sure Python and ncat are installed...
Schneider-electric Somachine Improper Restriction of Operations within the Bounds of a Memory Buffer
A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Modicon M258 Firmware All versions prior to V5.0.4.11 and SoMachine/SoMachine Motion software All versions, that could cause a buffer overflow when the length of a file transferred to the...
Design/Logic Flaw
A CWE-119:Improper restriction of operations within the bounds of a memory buffer vulnerability exists in PowerLogic ION7400, PM8000 and ION9000 All versions prior to V3.0.0, which could cause the meter to reboot or allow for remote code execution...
CVE-2021-22714
A CWE-119:Improper restriction of operations within the bounds of a memory buffer vulnerability exists in PowerLogic ION7400, PM8000 and ION9000 All versions prior to V3.0.0, which could cause the meter to reboot or allow for remote code execution...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
CVE-2020-0796 Coronablue exploi...
Important: Red Hat Security Advisory: python-imaging security update
An update for python-imaging is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...