104 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-16026
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Request is an http client. If a request is made using multipart, and the body type is a number, then the specified number of non-zero memory is passed in the...
CVE-2024-47896
Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory...
CVE-2024-46975
Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data into another Guest's virtualised GPU memory...
CVE-2024-12577
Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory...
CVE-2024-12577 GPU DDK - rgxfw_pcset_ungrab OOB write via psFWMemContext->uiPageCatBaseRegSet
Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory...
Microsoft Windows Kernel Log Message Disclosure Vulnerability
The Microsoft Windows Kernel is the kernel of the Windows operating system from the American company Microsoft. A security vulnerability exists in Microsoft Windows Kernel Memory. An attacker could exploit the vulnerability to obtain sensitive information...
CVE-2024-52937
Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory...
CVE-2024-52937 GPU DDK - rgxfw_kernel_CMD_DISABLE_ZSSTORE OOB write via ui32WriteOffsetOfDisableZSStore
Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory...
CVE-2024-52937 GPU DDK - rgxfw_kernel_CMD_DISABLE_ZSSTORE OOB write via ui32WriteOffsetOfDisableZSStore
Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory...
CVE-2024-52937
CVE-2024-52937 describes a vulnerability where kernel software running inside a guest VM could exploit memory shared with the GPU firmware to write data outside the guest’s virtualized GPU memory. The issue is associated with Imagination Technologies’ PowerVR-GPU components and is documented acro...
CVE-2024-52935
CVE-2024-52935 : A kernel-level issue affecting the Imagination Technologies PowerVR-GPU driver. Kernel software running inside a guest VM can access memory shared with the GPU firmware and write data outside the guest’s virtualised GPU memory, enabling potential cross-VM data leakage or memory c...
PT-2025-2942 · Kernel · Kernel
Name of the Vulnerable Software and Affected Versions: Kernel software affected versions not specified Description: The issue allows kernel software installed and running inside a Guest VM to exploit memory shared with the GPU Firmware, enabling it to write data outside the Guest's virtualised GP...
CVE-2024-12672 Rockwell Automation Third Party Vulnerability in Arena®
A third-party vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to write beyond the boundaries of allocated memory in a DOE file. If exploited, a threat actor could leverage this vulnerability to execute arbitrary code. To exploit this vulnerability, a...
ROS-20241216-01
Vulnerability of zbxsnmpcachehandleengineid function of Universal Monitoring System proxy server Zabbix is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service Vulnerability in Zabbix...
CVE-2024-12130 Rockwell Automation Arena® Out of Bounds Read Vulnerability
An “out of bounds read” code execution vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to craft a DOE file and force the software to read beyond the boundaries of an allocated memory. If exploited, a threat actor could leverage this vulnerability to execute...
PT-2024-24975 · Google · Android
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a missing bounds check in the set secure reg function of sac handler.c, which can lead to an out of bounds read. This could resu...
CVE-2024-34364 Envoy OOM vector from HTTP async client with unbounded response buffer for mirror response
Envoy is a cloud-native, open source edge and service proxy. Envoy exposed an out-of-memory OOM vector from the mirror response, since async HTTP client will buffer the response with an unbounded buffer...
PUB-A-322224043
In setsecurereg of sachandler.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure of 4 bytes of stack memory with no additional execution privileges needed. User interaction is not needed for exploitation...
Windows Common Log File System Driver (clfs.sys) Elevation of Privilege Vulnerability
A privilege escalation vulnerability exists in the clfs.sys driver which comes installed by default on Windows 10 21H2, Windows 11 21H2 and Windows Server 20348 operating systems. The clfs.sys driver contains a function CreateLogFile that is used to create open and edit '.blf' base log format...
mRemoteNG v1.77.3.1784-NB - Cleartext Storage of Sensitive Information in Memory Exploit
Exploit Title: mRemoteNG v1.77.3.1784-NB - Cleartext Storage of Sensitive Information in Memory Exploit Author: Maximilian Barz Vendor Homepage: https://mremoteng.org/ Software Link: https://mremoteng.org/download Version: mRemoteNG = v1.77.3.1784-NB Tested on: Windows 11 CVE : CVE-2023-30367 /...