The vulnerability of the XNU kernel in iPadOS and iOS systems, which allows attackers to gain increased privileges

The vulnerability of the XNU kernel in iPadOS and iOS systems relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow attackers to gain increased privileges...

The vulnerability of MediaTek’s WLAN micro-programming software chip allows attackers to gain access to confidential information.

The vulnerability of the WLAN microprogramming software of MediaTek relates to reading data outside the buffer in memory. Exploiting this vulnerability can allow an attacker to access confidential information...

The vulnerability of MediaTek’s WLAN driver microprogramming software allows a hacker to gain unauthorized access to protected information.

The vulnerability of the WLAN driver software developed by MediaTek relates to reading data outside the buffer in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of WLAN micro-programming software from MediaTek allows attackers to enhance their privileges.

The vulnerability of the WLAN microprogramming software system from MediaTek relates to reading data outside the buffer in memory. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability of the Sandbox component in operating systems such as iPadOS, tvOS, iOS, watchOS, and macOS allows a hacker to re-record any files they desire.

The vulnerability of the Sandbox component in operating systems such as iPadOS, tvOS, iOS, watchOS, and macOS arises from the execution of operations outside the buffer in memory. Exploiting this vulnerability allows an attacker to overwrite arbitrary files...

The vulnerability of the hcp component in MediaTek’s microprogramming software chips allows attackers to enhance their privileges.

The vulnerability of the hcp component in MediaTek’s microprogramming software chips relates to writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability of Parasolid’s 3D geometric modeling tool and Teamcenter Visualization’s product lifecycle management system lies in the ability to read data beyond the buffer in memory, allowing attackers to execute arbitrary code.

The vulnerability of Parasolid’s 3D geometric modeling tool and the Teamcenter Visualization product lifecycle management system lies in the reading of data beyond the buffer in memory. Exploiting this vulnerability can allow attackers to execute arbitrary code using a specially created XT file...

The vulnerability of PDF-XChange Editor’s PDF document viewing and editing software, related to the occurrence of operations outside the buffer in memory, allows attackers to disclose protected information.

The vulnerability of PDF-XChange Editor’s PDF document viewing and editing software lies in the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to disclose protected information using a specially created EMF file...

The vulnerability of the IBM DB2 database management system and the IBM DB2 Connect Server automatic redirection server, related to the execution of operations outside the buffer in memory, allows an attacker to execute arbitrary code.

The vulnerability of the IBM DB2 database management system and the IBM DB2 Connect Server automatic redirection server lies in the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

CVE-2023-20251

A vulnerability in the memory buffer of Cisco Wireless LAN Controller WLC AireOS Software could allow an unauthenticated, adjacent attacker to cause memory leaks that could eventually lead to a device reboot. This vulnerability is due to memory leaks caused by multiple clients connecting under...

CVE-2023-20251

A vulnerability in the memory buffer of Cisco Wireless LAN Controller WLC AireOS Software could allow an unauthenticated, adjacent attacker to cause memory leaks that could eventually lead to a device reboot. This vulnerability is due to memory leaks caused by multiple clients connecting under...

CVE-2023-20251

CVE-2023-20251 affects Cisco Wireless LAN Controller (WLC) AireOS Software. The issue is described as a vulnerability in the memory buffer that allows an unauthenticated, adjacent attacker to trigger memory leaks by orchestrating multiple wireless clients to connect to an access point, which can ...

Siemens InsydeH2O Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2021-33627)

An issue was discovered in Insyde InsydeH2O 5.x, affecting FwBlockServiceSmm. Software SMI services that use the Communicate function of the EFISMMCOMMUNICATIONPROTOCOL do not check whether the address of the buffer is valid, which allows use of SMRAM, MMIO, or OS kernel addresses Insyde BIOS is...

Siemens InsydeH2O Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2021-41839)

An issue was discovered in NvmExpressDxe in the kernel 5.0 through 5.5 in Insyde InsydeH2O. Because of an Untrusted Pointer Dereference that causes SMM memory corruption, an attacker may be able to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges...

Siemens InsydeH2O Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2021-41837)

An issue was discovered in AhciBusDxe in the kernel 5.0 through 5.5 in Insyde InsydeH2O. Because of an Untrusted Pointer Dereference that causes SMM memory corruption, an attacker may be able to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to...

CVE-2023-42753

An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the h-nets array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local...

Buffer overflow

An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the h-nets array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local...

CVE-2023-42753 Kernel: netfilter: potential slab-out-of-bound access due to integer underflow

An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the h-nets array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local...

CVE-2023-42753

An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the h-nets array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local...

CVE-2023-42753

CVE-2023-42753 is a Linux kernel netfilter nftables/IPSET issue caused by a missing IP_SET_HASH_WITH_NET0 macro, leading to incorrect CIDR_POS calculations and potential slab out-of-bounds access. Local unprivileged users could trigger memory corruption or crashes; privilege escalation is possibl...