Design/Logic Flaw

A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause remote code execution when a command which exploits this vulnerability is utilized. Affected Products: CanBRASS Versions prior to V7.5.1...

CVE-2022-32512

A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause remote code execution when a command which exploits this vulnerability is utilized. Affected Products: CanBRASS Versions prior to V7.5.1...

CVE-2022-32512

A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause remote code execution when a command which exploits this vulnerability is utilized. Affected Products: CanBRASS Versions prior to V7.5.1...

Microsoft Edge’s vulnerability, related to the execution of operations beyond the buffer in memory, allows attackers to circumvent security restrictions and enhance their privileges.

The vulnerability of Microsoft Edge relates to the issue of operations going beyond the buffer boundaries in memory when processing HTML content. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and enhance their privileges through a specially created malicio...

CVE-2022-32512

The CVE-2022-32512 issue affects Schneider Electric CanBRASS prior to version V7.5.1. It is a CWE-119 memory-buff­er handling vulnerability that could enable remote code execution when an exploit command is used. The root cause is improper restriction of operations within the bounds of a memory b...

The vulnerability of the UnZip file archiver lies in the possibility of an operation exceeding the buffer limit in memory, allowing a hacker to trigger a service failure.

The vulnerability of the UnZip file archiver is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to trigger a service failure using a specially created zip file...

The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat Reader Document Cloud involve reading beyond the buffer in memory, allowing attackers to execute arbitrary code.

The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat Reader Document Cloud involve reading data beyond the buffer in memory. Exploiting these vulnerabilities can allow a malicious actor to execute arbitrary code remotely...

The vulnerability of Adobe InDesign’s computer layout automation tool, related to reading data beyond the buffer in memory, allows attackers to gain unauthorized access to information.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to reading data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to information through a specially created malicious file...

The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat Reader Document Cloud, related to reading beyond the buffer in memory, allow attackers to gain unauthorized access to information.

The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat Reader Document Cloud involve reading data beyond the buffer in memory. Exploiting these vulnerabilities can allow attackers to gain unauthorized access to information through a specially...

The vulnerability of the Layer 2 Tunneling Protocol (L2TP) implementation in Microsoft Windows allows a hacker to execute arbitrary code.

The vulnerability of the Layer 2 Tunneling Protocol L2TP implementation in Microsoft Windows operating systems stems from the fact that the operation is performed outside of the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a special...

CVE-2023-22396

An Uncontrolled Resource Consumption vulnerability in TCP processing on the Routing Engine RE of Juniper Networks Junos OS allows an unauthenticated network-based attacker to send crafted TCP packets destined to the device, resulting in an MBUF leak that ultimately leads to a Denial of Service Do...

Siemens Solid Edge before V2023 MP1

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

The vulnerability of the detection and prevention mechanism for malicious scripts in Avast Script Shield arises from the possibility of the operation exceeding the buffer in memory. This allows attackers to bypass the sandbox protection mechanisms or trigger a service failure.

The vulnerability of the detection and prevention mechanism of Avast Script Shield lies in the fact that the operation escapes the buffer in memory during the loading of the aswjsflt.dll library. Exploiting this vulnerability can allow a malicious actor to bypass the sandbox’s security mechanisms...

The vulnerability of Adobe Illustrator’s graphic editor, related to reading data beyond the buffer in memory, allows attackers to exploit this to disclose protected information.

The vulnerability of Adobe Illustrator graphic editor is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to disclose protected information using a specially created file...

The vulnerability of Adobe Illustrator’s graphic editor, related to reading data beyond the buffer in memory, allows attackers to exploit this to disclose protected information.

The vulnerability of Adobe Illustrator graphic editor is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to disclose protected information using a specially created file...

The vulnerabilities of Siemens SIMATIC and SINAMICS software products allow a perpetrator to execute arbitrary code.

The vulnerability of Siemens SIMATIC and SINAMICS software products arises from the execution of an operation outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerabilities of Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IoT, Snapdragon Industrial IoT, Snapdragon Mobile, Snapdragon Voice & Music, and Snapdragon Wearables software in embedded chips from Qualcomm arise from operations that occur outside of the buffer in memory. This allows attackers to disclose sensitive information or cause system failures.

The vulnerabilities of Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IoT, Snapdragon Industrial IoT, Snapdragon Mobile, Snapdragon Voice & Music, and Snapdragon Wearables software are due to operations occurring outside of the buffer in memory. Exploiting these...

The vulnerability in the driver drivers/usb/mon/mon_bin.c of Linux operating systems allows a hacker to execute arbitrary code.

The vulnerability in the driver drivers/usb/mon/monbin.c of Linux operating systems arises from the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

exploits

Blog Post https://blog.as...

NewStart CGSL CORE 5.04 / MAIN 5.04 : rsyslog Vulnerability (NS-SA-2022-0103)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has rsyslog packages installed that are affected by a vulnerability: - Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when octet-counted framing is use...