The vulnerability of the static enum_func_status php_mysqlnd_rset_field_read() function in the PHP programming language allows a hacker to gain unauthorized access to protected information.

The vulnerability of the static enumfuncstatus phpmysqlndrsetfieldread function in the PHP programming language is related to insufficient protection of private data due to the operation being performed outside the buffer in memory. Exploiting this vulnerability could allow an attacker, operating...

The vulnerability of the convert.quoted-printable-decode filter in the PHP programming language interpreter allows a hacker to trigger a service failure.

The vulnerability of the convert.quoted-printable-decode filter in the PHP programming language interpreter is related to buffer overflows in dynamic memory. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

The vulnerability of the Apple GPU Driver affects browsers such as Mozilla Firefox, Firefox ESR, and the email client Thunderbird, allowing an attacker to execute arbitrary code.

The vulnerability of the Apple GPU Driver in browsers such as Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Schneider Electric Modicon M340, MC80, and Momentum Unity M1E Improper Restriction of Operations Within the Bounds of a Memory Buffer (CVE-2024-8937)

Arbitrary code execution can potentially be achieved after a successful Man-In-The Middle attack followed by sending a crafted Modbus function call to tamper with memory area involved in the authentication process. This plugin only works with Tenable.ot. Please visit...

Schneider Electric Modicon M340, MC80, and Momentum Unity M1E Improper Restriction of Operations Within the Bounds of a Memory Buffer (CVE-2024-8938)

Arbitrary code execution can potentially be achieved after a successful Man-In-The Middle attack followed by sending a crafted Modbus function call to tamper with memory area involved in memory size computation. This plugin only works with Tenable.ot. Please visit...

Advisory ROSA-SA-2024-2523

Software: xrdp 0.9.25 OS: rosa-server79 packageevrstring: xrdp-0.9.25-2.0.1.res7 CVE-ID: CVE-2023-40184 BDU-ID: 2023-07659 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the authstartsession function of the XRDP server is related to the bypassing of session restrictions. Exploitation of the...

Exploit for Untrusted Pointer Dereference in Microsoft

CVE-2024-35250-BOF The Beacon Object File BOF implementati...

The vulnerability of the Native Client component of the Microsoft SQL Server database management system allows a hacker to execute arbitrary code.

The vulnerability of the Native Client component in the Microsoft SQL Server database management system is related to buffer overflows in dynamic memory. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

The vulnerability of the Native Client component of the Microsoft SQL Server database management system allows a hacker to execute arbitrary code.

The vulnerability of the Native Client component in the Microsoft SQL Server database management system is related to buffer overflows in dynamic memory. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

The vulnerability of the Native Client component of the Microsoft SQL Server database management system allows a hacker to execute arbitrary code.

The vulnerability of the Native Client component in the Microsoft SQL Server database management system is related to buffer overflows in dynamic memory. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

The vulnerability of Adobe InDesign’s computer layout automation tool, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

The vulnerability of component t7xx in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of component t7xx in the Linux operating system arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the ncm component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the ncm component in the Linux operating system’s kernel is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a system failure...

The vulnerability of Microsoft Office, Excel, and 365 Apps for Enterprise packages lies in the fact that operations are performed outside of the buffer in memory, allowing an attacker to execute arbitrary code.

The vulnerability of Microsoft Office, Excel, and 365 Apps for Enterprise packages is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

CVE-2024-10921

An authorized user may trigger crashes or receive the contents of buffer over-reads of Server memory by issuing specially crafted requests that construct malformed BSON in the MongoDB Server. This issue affects MongoDB Server v5.0 versions prior to 5.0.30 , MongoDB Server v6.0 versions prior to...

The vulnerability of Adobe After Effects’ video and dynamic image editing software lies in its ability to read data beyond the buffer in memory, allowing an attacker to execute arbitrary code.

The vulnerability of Adobe After Effects’ video and dynamic image editing software relates to reading beyond the buffer in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code in the context of the current user, using a specially created file...

The vulnerability of Adobe InDesign’s computer layout automation tool, related to writing data outside the buffer in memory, allows a hacker to execute arbitrary code.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to the writing of data outside the buffer in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

The vulnerability of Adobe After Effects’ video and dynamic image editing software arises from operations that go beyond buffer boundaries in memory, allowing attackers to gain unauthorized access to protected information.

The vulnerability of Adobe After Effects video and dynamic image editing software relates to the execution of operations beyond buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially created file...

The vulnerability of Adobe After Effects’ video and dynamic image editing software lies in its ability to read data beyond the buffer in memory, allowing an attacker to execute arbitrary code.

The vulnerability of Adobe After Effects’ video and dynamic image editing software relates to reading beyond the buffer in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code in the context of the current user, using a specially created file...

PT-2024-10125 · Rsync +10 · Rsync +10

The rsync daemon is affected by a flaw that can be triggered when comparing file checksums, allowing an attacker to manipulate the checksum length and cause a comparison between a checksum and uninitialized memory. This results in the leak of one byte of uninitialized stack data at a time. An...