297 matches found
CVE-2024-37022
CVE-2024-37022 concerns Fuji Electric Tellus Lite V-Simulator. Multiple connected sources confirm an out-of-bounds write vulnerability in Tellus Lite V-Simulator that can lead to arbitrary code execution. Affected product: Fuji Electric Tellus Lite V-Simulator (prior to v4.0.20.0 per CISA ICS adv...
CVE-2024-37022 Fuji Electric Tellus Lite V-Simulator Out-of-bounds Write
Fuji Electric Tellus Lite V-Simulator is vulnerable to an out-of-bounds write, which could allow an attacker to manipulate memory, resulting in execution of arbitrary code...
CVE-2024-37022 Fuji Electric Tellus Lite V-Simulator Out-of-bounds Write
Fuji Electric Tellus Lite V-Simulator is vulnerable to an out-of-bounds write, which could allow an attacker to manipulate memory, resulting in execution of arbitrary code...
PT-2024-4829 · Fuji Electric · Fuji Electric Tellus Lite V-Simulator
Name of the Vulnerable Software and Affected Versions: Fuji Electric Tellus Lite V-Simulator versions 6 X1 and earlier Description: The issue is related to an out-of-bounds write operation in memory, which could allow an attacker to manipulate memory and execute arbitrary code. This could...
BIT-POSTGRESQL-2023-5869 Postgresql: buffer overrun from integer overflow in array modification
A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing...
CVE-2022-45790
The CVE-2022-45790 issue concerns Omron FINS protocol memory protection with an authenticated access mechanism that is susceptible to brute-force guessing. Connected sources identify affected Omron CJ/CS/CP-series PLCs (and related components) using FINS to access password-protected memory region...
libuv: Buffer Overread
Background libuv is a multi-platform support library with a focus on asynchronous I/O. Description libuv fails to ensure that a pointer lies within the bounds of a defined buffer in the uvidnatoascii function before reading and manipulating the memory at that address. Impact The overread can resu...
CVE-2023-6693 Qemu: virtio-net: stack buffer overflow in virtio_net_flush_tx()
A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when flushing TX in the virtionetflushtx function if guest features VIRTIONETFHASHREPORT, VIRTIOFVERSION1 and VIRTIONETFMRGRXBUF are enabled. This could allow a malicious user to overwrite local variables...
PT-2023-28338 · Undefined · Undefined
on to the next stage, the purpose of which was access to the iOS kernel. The kernel was manipulated using vulnerabilities CVE-2023-42434 and CVE-2023-39606. The operation of the first one opened read and write access to the entire physical memory of the device, the use of the...
Format string
A format string issue in the Controller 6000's optional diagnostic web interface can be used to write/read from memory, and in some instances crash the Controller 6000 leading to a Denial of Service. This issue affects: Gallagher Controller 6000 8.60 prior to vCR8.60.231116a distributed in...
RHEL 7 : rh-postgresql10-postgresql (RHSA-2023:7771)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:7771 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: Buffer overrun from integer overflow in arra...
CVE-2022-42784
A vulnerability has been identified in LOGO! 12/24RCE 6ED1052-1MD08-0BA1 All versions = V8.3, LOGO! 12/24RCEo 6ED1052-2MD08-0BA1 All versions = V8.3, LOGO! 230RCE 6ED1052-1FB08-0BA1 All versions = V8.3, LOGO! 230RCEo 6ED1052-2FB08-0BA1 All versions = V8.3, LOGO! 24CE 6ED1052-1CC08-0BA1 All versio...
CVE-2023-47304
The CVE pertains to Vonage Box Telephone Adapter VDV23, affected in version VDV21-3.2.11-0.5.1. The root cause is improper or bypassable UART authentication, enabling local attackers to read/write arbitrary memory values on the device. This yields high impact across confidentiality, integrity, an...
SUSE CVE-2023-32724
Memory pointer is in a property of the Ducktape object. This leads to multiple vulnerabilities related to direct memory access and manipulation...
DEBIAN-CVE-2023-32724
Memory pointer is in a property of the Ducktape object. This leads to multiple vulnerabilities related to direct memory access and manipulation...
CVE-2023-32724
Memory pointer is in a property of the Ducktape object. This leads to multiple vulnerabilities related to direct memory access and manipulation...
CVE-2023-42753
An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the h-nets array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local...
CVE-2020-19726
An issue was discovered in binutils libbfd.c 2.36 relating to the auxiliary symbol data allows attackers to read or write to system memory or cause a denial of service...
Rockwell Automation ControlLogix Bugs Expose Industrial Systems to Remote Attacks
The U.S. Cybersecurity and Infrastructure Security Agency CISA has alerted of two security flaws impacting Rockwell Automation ControlLogix EtherNet/IP ENIP communication module models that could be exploited to achieve remote code execution and denial-of-service DoS. "The results and impact of...
CVE-2023-37192
Memory management and protection issues in Bitcoin Core v22 allows attackers to modify the stored sending address within the app's memory, potentially allowing them to redirect Bitcoin transactions to wallets of their own choosing...