kernel: drm/edid: fix info leak when failing to get panel id

In the Linux kernel, the following vulnerability has been resolved: drm/edid: fix info leak when failing to get panel id Make sure to clear the transfer buffer before fetching the EDID to avoid leaking slab data to the logs on errors that leave the buffer unchanged...

shadow-utils: possible password leak during passwd(1) change

A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from...

CVE-2023-28545 Improper Restriction of Operations within the Bounds of a Memory Buffer in TZ Secure OS

Memory corruption in TZ Secure OS while loading an app ELF...

The vulnerability of Siemens Solid Edge’s design and simulation tools relates to data writing beyond the buffer in memory, allowing an attacker to execute arbitrary code.

The vulnerability of Siemens Solid Edge’s design and simulation tools relates to the writing of data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code using specially created PAR files...

The vulnerability of the chkResetVeriRegister() function in TP-LINK’s TL-WR886N router software allows a attacker to compromise the integrity, accessibility, and confidentiality of the protected information.

The vulnerability of the chkResetVeriRegister function in TP-LINK’s TL-WR886N router software lies in the fact that the operation is performed outside of the buffer in memory. Exploiting this vulnerability allows an attacker to influence the integrity, availability, and confidentiality of the...

The vulnerability of the getRegVeriRegister() function in TP-LINK’s router software TL-WR886N allows a attacker to compromise the integrity, accessibility, and confidentiality of the protected information.

The vulnerability of the getRegVeriRegister function in TP-LINK’s TL-WR886N router software lies in the fact that the operation is performed outside of the buffer in memory. Exploiting this vulnerability could allow an attacker to compromise the integrity, availability, and confidentiality of the...

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2020, Adobe Acrobat Reader 2020, and Adobe Acrobat 2017 involve reading data beyond the buffer in memory, allowing attackers to disclose protected information.

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2020, Adobe Acrobat Reader 2020, Adobe Acrobat 2017, and Adobe Acrobat Reader 2017 are related to reading data beyond the buffer in memory. Exploiting...

The vulnerability in Adobe Dimension’s 3D design software relates to reading beyond the buffer in memory, allowing an attacker to bypass the ASLR protection mechanism.

The vulnerability of Adobe Dimension’s 3D design software relates to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to bypass the ASLR protection mechanism...

The vulnerability of the Adobe Photoshop graphic editor, related to writing beyond the buffer boundaries in memory, allows a hacker to execute arbitrary code.

The vulnerability of the Adobe Photoshop graphic editor is related to the writing of data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created file...

The vulnerability of Firefox browser, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.

The vulnerability of the Firefox browser is related to the issue of operations going beyond the buffer boundaries in memory when processing HTML content. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Adobe Photoshop graphic editor, related to reading beyond the buffer in memory, allows a hacker to execute arbitrary code in the context of the current user.

The vulnerability of the Adobe Photoshop graphic editor is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code in the context of the current user, using a specially created file...

CVE-2023-27854

An arbitrary code execution vulnerability was reported to Rockwell Automation in Arena Simulation that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow. The threat-actor could then execute malicious code on the system...

Buffer overflow

An arbitrary code execution vulnerability was reported to Rockwell Automation in Arena Simulation that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow. The threat-actor could then execute malicious code on the system...

CVE-2023-27854 Rockwell Automation Arena® Simulation Out of Bounds Read Vulnerability

An arbitrary code execution vulnerability was reported to Rockwell Automation in Arena Simulation that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow. The threat-actor could then execute malicious code on the system...

CVE-2023-27854 Rockwell Automation Arena® Simulation Out of Bounds Read Vulnerability

An arbitrary code execution vulnerability was reported to Rockwell Automation in Arena Simulation that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow. The threat-actor could then execute malicious code on the system...

CVE-2023-27854

CVE-2023-27854 affects Rockwell Automation Arena (Arena) 16.20.x; vulnerability is a memory boundary issue (out-of-bounds read) and related uninitialized pointer, triggered by processing crafted files. Exploitation could allow arbitrary code execution with local access and user interaction requir...

PT-2023-6581 · Rockwell Automation · Rockwell Automation Arena

Name of the Vulnerable Software and Affected Versions: Rockwell Automation Arena affected versions not specified Description: The issue is related to a memory buffer overflow, allowing an attacker to execute arbitrary code in the context of the current user. This could affect the confidentiality,...

Out-of-bounds Write

libstb.so is vulnerable to Out-of-bounds Write. The vulnerability is caused due to a function f-vendori = get8packetf;. The root cause is an integer overflow in setupmalloc function in file stb/stbvorbis.c in which a sufficiently large value in the variable sz overflows with sz+7 and the negative...

The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, and Adobe Acrobat 2020/Adobe Acrobat Reader 2020 involve reading data beyond the buffer in memory, allowing attackers to disclose protected information.

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2020, and Adobe Acrobat Reader 2020 are related to reading data beyond the buffer in memory. Exploiting these vulnerabilities can allow attackers to...

The vulnerability of the Substance 3D Stager software lies in its susceptibility to buffer overflows in dynamic memory, allowing attackers to execute arbitrary code.

The vulnerability of the Substance 3D Stager software lies in the overflow of memory buffer in dynamic memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file...