CVE-2024-8938

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause a potential arbitrary code execution after a successful Man-In-The-Middle attack followed by sending a crafted Modbus function call to tamper with memory area involved in memory...

CVE-2024-8938

CVE-2024-8938 affects Schneider Electric Modicon M340, MC80, and Momentum Unity M1E hardware. The root cause is a memory buffer handling flaw (CWE-119) that can enable arbitrary code execution after a Man-In-The-Middle attack, by crafting a Modbus function to tamper with memory areas involved in ...

CVE-2024-8938

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause a potential arbitrary code execution after a successful Man-In-The-Middle attack followed by sending a crafted Modbus function call to tamper with memory area involved in memory...

CVE-2024-8938

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause a potential arbitrary code execution after a successful Man-In-The-Middle attack followed by sending a crafted Modbus function call to tamper with memory area involved in memory...

CVE-2024-8937

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause a potential arbitrary code execution after a successful Man-In-The Middle attack followed by sending a crafted Modbus function call to tamper with memory area involved in the...

CVE-2024-42442

APTIOV contains a vulnerability in the BIOS where a user or attacker may cause an improper restriction of operations within the bounds of a memory buffer over the network. A successful exploitation of this vulnerability may lead to code execution outside of the intended System Management Mode...

CVE-2024-42442

APTIOV contains a vulnerability in the BIOS where a user or attacker may cause an improper restriction of operations within the bounds of a memory buffer over the network. A successful exploitation of this vulnerability may lead to code execution outside of the intended System Management Mode...

CVE-2024-33658

APTIOV contains a vulnerability in BIOS where an attacker may cause an Improper Restriction of Operations within the Bounds of a Memory Buffer by local. Successful exploitation of this vulnerability may lead to privilege escalation and potentially arbitrary code execution, and impact Integrity...

CVE-2024-33658 Buffer Overflow Vulnerability In OFBD

APTIOV contains a vulnerability in BIOS where an attacker may cause an Improper Restriction of Operations within the Bounds of a Memory Buffer by local. Successful exploitation of this vulnerability may lead to privilege escalation and potentially arbitrary code execution, and impact Integrity...

CVE-2024-33658 Buffer Overflow Vulnerability In OFBD

APTIOV contains a vulnerability in BIOS where an attacker may cause an Improper Restriction of Operations within the Bounds of a Memory Buffer by local. Successful exploitation of this vulnerability may lead to privilege escalation and potentially arbitrary code execution, and impact Integrity...

CVE-2024-33658

AMI AptioV BIOS contains a local vulnerability (improper restriction of operations within the bounds of a memory buffer). The issue can be exploited locally to escalate privileges and potentially execute arbitrary code, impacting integrity. Connected sources identify AptioV BIOS as the affected c...

CVE-2024-42442 Runtime Service Access outside SMRAM

APTIOV contains a vulnerability in the BIOS where a user or attacker may cause an improper restriction of operations within the bounds of a memory buffer over the network. A successful exploitation of this vulnerability may lead to code execution outside of the intended System Management Mode...

CVE-2024-42442

CVE-2024-42442 concerns AMI AptioV BIOS vulnerability: a network-triggered flaw allows code execution outside the intended System Management Mode by compromising BIOS memory boundaries. The description notes a memory-buffer restriction breach enabling execution beyond SMRAM, with exploitation des...

Advisory ROSA-SA-2024-2518

software: memcached 1.6.22 OS: ROSA-CHROME packageevrstring: memcached-1.6.22-1 CVE-ID: CVE-2023-46852 BDU-ID: 2023-08094 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the proxyruncoroutine function protoproxy.c of the memcached data caching software tool is related to an operation exceeding buffe...

PT-2024-9224 · Microsoft · Office 365 +1

Name of the Vulnerable Software and Affected Versions: Microsoft Office affected versions not specified Office 365 affected versions not specified Description: The issue is related to a buffer overflow in memory, which can be exploited to execute arbitrary code. This can allow an attacker to run...

PT-2024-8154 · Microsoft · Office Excel

Name of the Vulnerable Software and Affected Versions: Microsoft Excel affected versions not specified Description: The issue is related to a buffer overflow in memory, which can be exploited to execute arbitrary code. This can allow an attacker to perform unauthorized actions on the system...

The vulnerability of the dwfcore.dll library in Autodesk Navisworks allows a perpetrator to execute arbitrary code.

The vulnerability of the dwfcore.dll library in Autodesk Navisworks software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the execution of operations outside the buffer in memory, allowing an attacker to cause a service failure.

The vulnerability in Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the execution of operations beyond the buffer in memory during JIT-compilation. Exploiting this vulnerability can allow an attacker to cause service interruptions...

ROS-20241108-03

Vulnerability of multiqtune function of schmultiq component of Linux kernel is related to writing outside of dynamic memory buffer boundaries. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary code in kernel mode by executing specially specially...

The vulnerability of embedded software developed by Qualcomm, related to operations that occur outside of the buffer in memory, allows attackers to cause system failures.

The vulnerability of embedded Qualcomm software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures...