CVE-2023-52517

In the Linux kernel, the following vulnerability has been resolved: spi: sun6i: fix race between DMA RX transfer completion and RX FIFO drain Previously the transfer complete IRQ immediately drained to RX FIFO to read any data remaining in FIFO to the RX buffer. This behaviour is correct when...

CVE-2024-25629

c-ares is a C library for asynchronous DNS requests. aresreadline is used to parse local configuration files such as /etc/resolv.conf, /etc/nsswitch.conf, the HOSTALIASES file, and if using a c-ares version prior to 1.27.0, the /etc/hosts file. If any of these configuration files has an embedded...

The vulnerability of the LLVM component of the macOS operating system, allowing a hacker to execute arbitrary code

The vulnerability of the LLVM component of the macOS operating system relates to the execution of operations outside of the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the 3D model texturing program Adobe Substance 3D Painter, related to the occurrence of operations outside the buffer boundaries in memory, allows attackers to disclose protected information.

The vulnerability of the 3D model texturing software Adobe Substance 3D Painter lies in the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow attackers to disclose protected information...

Important: redis6

Issue Overview: Redis is an in-memory database that persists on disk. Redis incorrectly handles resizing of memory buffers which can result in integer overflow that leads to heap overflow and potential remote code execution. This issue has been patched in version 7.0.15 and 7.2.4. CVE-2023-41056...

The vulnerability of the Substance 3D Sampler software for creating textures and materials for 3D models lies in the ability to write data beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the Substance 3D Sampler software for creating textures and materials for 3D models lies in the writing of data beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file...

The vulnerability of the put_unweighted_pred_16_fallback() function in the h.265 Libde265 implementation allows a hacker to trigger a service failure.

The vulnerability of the putunweightedpred16fallback function in the h.265 Libde265 implementation is related to the output of the operation being stored in memory beyond the buffer boundaries. Exploiting this vulnerability could allow a malicious actor to trigger a service failure using a...

The vulnerability of the Substance 3D Stager software lies in its ability to read data beyond the buffer boundaries in memory, allowing an attacker to gain unauthorized access to protected information.

The vulnerability of the Substance 3D Stager software-related 3D design software lies in reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially created file...

The vulnerability of Adobe Dimension’s 3D design software relates to reading data beyond the buffer in memory, allowing an attacker to gain unauthorized access to protected information.

The vulnerability of Adobe Dimension’s 3D design software relates to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially created USD file...

The vulnerability of Rockwell Automation’s programmable logic controllers ControlLogix, related to the execution of operations outside the buffer boundaries in memory, allows a hacker to trigger a malfunction during maintenance.

The vulnerability of Rockwell Automation’s programmable logic controllers ControlLogix lies in the fact that the output data may escape from memory into the operating system. Exploiting this vulnerability could allow a malicious actor to cause malfunctions during operation...

CVE-2021-46757

Insufficient checking of memory buffer in ASP Secure OS may allow an attacker with a malicious TA to read/write to the ASP Secure OS kernel virtual address space potentially leading to privilege escalation...

CVE-2021-46757

Insufficient checking of memory buffer in ASP Secure OS may allow an attacker with a malicious TA to read/write to the ASP Secure OS kernel virtual address space potentially leading to privilege escalation...

Design/Logic Flaw

Insufficient checking of memory buffer in ASP Secure OS may allow an attacker with a malicious TA to read/write to the ASP Secure OS kernel virtual address space potentially leading to privilege escalation...

CVE-2021-46757

CVE-2021-46757 describes insufficient checking of memory buffers in ASP Secure OS, allowing a privileged attacker with a malicious TA to read/write into the ASP kernel address space and potentially escalate privileges. Connected AMD advisories (AMD-SB-5001) enumerate affected AMD Embedded process...

CVE-2021-46757

Insufficient checking of memory buffer in ASP Secure OS may allow an attacker with a malicious TA to read/write to the ASP Secure OS kernel virtual address space potentially leading to privilege escalation...

The vulnerability of the microprogramming software of AMI MegaRAC SP-X controllers allows a perpetrator to compromise the confidentiality, integrity, and accessibility of data.

The vulnerability of the microprogramming software of AMI MegaRAC SP-X controllers related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of data...

PT-2024-11053 · Unknown · Asp Secure Os

Name of the Vulnerable Software and Affected Versions: ASP Secure OS affected versions not specified Description: The issue is related to insufficient checking of memory buffer in ASP Secure OS, which may allow an attacker with a malicious TA to read or write to the ASP Secure OS kernel virtual...

AMD Embedded Processors Security Vulnerability

AMD Embedded Processors is a family of embedded high-performance GPUs from UltraMicroelectronics AMD. A security vulnerability exists in AMD Embedded Processors that stems from insufficient memory buffer checking in ASP...

Siemens Simcenter Femap

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

The vulnerability in the web interface of the wireless access point Tenda A15’s microprogramming software allows a perpetrator to execute arbitrary code.

The vulnerability in the web interface of the wireless access point Tenda A15 involves reading data beyond the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using the wpapskcrypto24g argument...