PT-2024-8610 · Bhyve +1 · Bhyve +1

Name of the Vulnerable Software and Affected Versions: bhyve affected versions not specified Description: The issue is related to the ctl report supported opcodes function, which did not sufficiently validate a field provided by userspace, allowing an arbitrary write to a limited amount of kernel...

CVE-2024-44067

The T-Head XuanTie C910 CPU in the TH1520 SoC and the T-Head XuanTie C920 CPU in the SOPHON SG2042 have instructions that allow unprivileged attackers to write to arbitrary physical memory locations, aka GhostWrite...

T-Head XuanTie C910和C920 安全漏洞

The T-Head XuanTie C910 and T-Head XuanTie C920 are both high-efficiency CPU processors from China-based T-Head. A security vulnerability exists in the T-Head XuanTie C910 and C920 that stems from an instruction that allows an unprivileged attacker to write to an arbitrary physical memory locatio...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-0646)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-0646 advisory. - An out-of-bounds memory write flaw was found in the Linux kernel's Transport Layer Security functionality in...

CVE-2021-26344

An out of bounds memory write when processing the AMD PSP1 Configuration Block APCB could allow an attacker with access the ability to modify the BIOS image, and the ability to sign the resulting image, to potentially modify the APCB block resulting in arbitrary code execution...

CVE-2021-26344

CVE-2021-26344 is an out-of-bounds memory write in the AMD PSP1 Configuration Block (APCB) processing that could let an attacker with BIOS access modify the BIOS image and sign the result, potentially corrupting APCB and enabling arbitrary code execution. Connected sources (AMD AMD-SB-3003/AMD-SB...

CVE-2021-26344

An out of bounds memory write when processing the AMD PSP1 Configuration Block APCB could allow an attacker with access the ability to modify the BIOS image, and the ability to sign the resulting image, to potentially modify the APCB block resulting in arbitrary code execution...

Write-what-where Condition

Overview Affected versions of this package are vulnerable to Write-what-where Condition through the rpctensor structure. An attacker can write to arbitrary memory addresses by manipulating the data pointer. PoC from pwn import ALLOCBUFFER = 0 GETALIGNMENT = 1 GETMAXSIZE = 2 BUFFERGETBASE = 3...

PT-2024-5580 · Dell · Idrac Service Module

Name of the Vulnerable Software and Affected Versions: Dell iDRAC Service Module versions 5.3.0.0 and prior Description: The issue is related to an out of bounds write operation in the memory, which could allow an attacker to execute arbitrary code or cause a denial of service. A privileged local...

USN-6920-1 edk2 vulnerabilities

It was discovered that EDK II was not properly performing bounds checks in Tianocompress, which could lead to a buffer overflow. An authenticated user could use this issue to potentially escalate their privileges via local access. CVE-2017-5731 It was discovered that EDK II had an insufficient...

CVE-2024-3176

Out of bounds write in SwiftShader in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

CVE-2024-3176

Out of bounds write in SwiftShader in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

CVE-2024-3176

Out of bounds write in SwiftShader in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

CVE-2024-3176

Out of bounds write in SwiftShader in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

CVE-2024-3176

Out of bounds write in SwiftShader in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

CVE-2024-36433

An arbitrary memory write vulnerability was discovered in Supermicro X11DPH-T, X11DPH-Tq, and X11DPH-i motherboards with BIOS firmware before 4.4...

CVE-2024-36432

An arbitrary memory write vulnerability was discovered in Supermicro X11DPG-HGX2, X11PDG-QT, X11PDG-OT, and X11PDG-SN motherboards with BIOS firmware before 4.4...

CVE-2024-36432

An arbitrary memory write vulnerability was discovered in Supermicro X11DPG-HGX2, X11PDG-QT, X11PDG-OT, and X11PDG-SN motherboards with BIOS firmware before 4.4...

Various Supermicro products Security breaches

The SuperMicro X11DPG-HGX2 and others are a motherboard from SuperMicro, Inc. A security vulnerability exists in various Supermicro products, which stems from an arbitrary memory write vulnerability on the motherboard. The affected products are as follows: X11DPG-HGX2, X11PDG-QT, X11PDG-OT and...

PT-2024-5265 · Supermicro · Supermicro X11Dph-Tq +1

Name of the Vulnerable Software and Affected Versions: Supermicro X11DPH-T, X11DPH-Tq, and X11DPH-i motherboards with BIOS firmware before 4.4 Description: The issue is related to an arbitrary memory write vulnerability in the BIOS firmware of certain Supermicro motherboards. This vulnerability c...