The vulnerability of the QNAP QVR Elite, QVR Pro, and the QVR Guard application for managing emergency switching in video surveillance systems lies in the recording of data beyond the buffer in memory, allowing a intruder to execute arbitrary code.

The vulnerability of QNAP QVR Elite, QVR Pro, and the QVR Guard application, which is used for managing emergency switching of video surveillance systems, lies in data recording beyond the buffer in memory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code...

The vulnerability of Adobe InDesign’s computer layout automation tool, related to buffer overflow in dynamic memory, allows attackers to execute arbitrary code.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to overflowing buffers in dynamic memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created SVG file...

The vulnerability of the Adobe InCopy text creation and editing software lies in the reading of data outside the buffer in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the Adobe InCopy text creation and editing software relates to the reading of data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code using a specially created SVG file...

The vulnerability of Adobe Illustrator’s graphic editor, related to reading data beyond the buffer in memory, allows attackers to exploit this to disclose protected information.

The vulnerability of Adobe Illustrator graphic editor is related to reading data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to disclose protected information...

The vulnerability of Adobe Illustrator’s graphic editor, related to reading data beyond the buffer in memory, allows attackers to exploit this to disclose protected information.

The vulnerability of Adobe Illustrator graphic editor is related to reading data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to disclose protected information...

The vulnerability of Adobe InDesign’s computer layout automation tool, related to reading beyond the buffer in memory, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to reading data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information by opening a specially created file...

The vulnerability of the Adobe Bridge file manager, related to writing beyond the buffer boundaries in memory, allows a hacker to execute arbitrary code.

The vulnerability of the Adobe Bridge file manager is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created malicious file...

The vulnerability of the Rizin command-line tool set relates to the execution of operations beyond the buffer in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the Rizin command-line tool set is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

PT-2022-5402 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Microsoft Windows affected versions not specified Description: The issue is related to a privilege escalation vulnerability in the Microsoft Windows COM+ Event System Service. It is caused by a buffer overflow in memory, which can be exploite...

Altair HyperView Player

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Altair Equipment: HyperView Player Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Use of Uninitialized Resource, Improper Validation of Array Index 2. RISK EVALUATION Successful...

The vulnerability of the swtpm TPM emulator, related to reading beyond the buffer in memory, allows a malicious actor to trigger a service failure.

The vulnerability of the swtpm TPM emulator is related to reading beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the pre-processing processor Simcenter Femap, caused by overflow in the dynamic memory buffer, allows a hacker to execute arbitrary code.

The vulnerability of the pre-processing processor Simcenter Femap arises due to an overflow in the buffer in the dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code as a result of analyzing specially created .NEU files...

uClibC and uClibC-ng libpthread linuxthreads memory corruption vulnerabilities

Talos Vulnerability Report TALOS-2022-1517 uClibC and uClibC-ng libpthread linuxthreads memory corruption vulnerabilities September 22, 2022 CVE Number CVE-2022-29503 SUMMARY A memory corruption vulnerability exists in the libpthread linuxthreads functionality of uClibC 0.9.33.2 and uClibC-ng...

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the execution of operations beyond the buffer in memory, allowing an attacker to execute arbitrary code.

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code through a specially created web page...

The vulnerability of the Thunderbird email client, related to reading data beyond the buffer in memory, allows attackers to exploit this to disclose protected information.

The vulnerability of the Thunderbird email client relates to the reading of data beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose sensitive information through a specially crafted email message...

The software for human-machine interfaces, WECON LeviStudioU, is vulnerable. An attacker can execute arbitrary code.

The vulnerability of the WECON LeviStudioU software for human-machine interface programming arises due to an overflow in the buffer in the dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

ImageMagick ReadXBMImage Information Disclosure (CVE-2018-16323)

An information disclosure vulnerability exists in ImageMagick. The vulnerability is due to improper handling of memory buffer by ReadXBMImage. A remote attacker could exploit this vulnerability by having an affected application that implements ImageMagick process a maliciously crafted file...

CVE-2022-37302

A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause a crash of the Control Expert software when an incorrect project file is opened. Affected Products: EcoStruxure Control ExpertV15.1 HF001 and prior...

CVE-2022-37302

CVE-2022-37302 affects Schneider Electric EcoStruxure Control Expert (formerly Unity Pro) and is described as CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer. The vulnerability can cause the Control Expert software to crash when opening an incorrect project file, ...

Siemens SINEC INS

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Siemens Equipment: SINEC INS Vulnerabilities: Improper Input Validation, Integer Overflow or Wraparound, Uncontrolled Resource Consumption, Command Injection, Inadequate Encryption Strength, Missing...