Anker Eufy Homebase 2 home_security CMD_DEVICE_GET_SERVER_LIST_REQUEST out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2021-1378 Anker Eufy Homebase 2 homesecurity CMDDEVICEGETSERVERLISTREQUEST out-of-bounds write vulnerability November 29, 2021 CVE Number CVE-2021-21950,CVE-2021-21951 SUMMARY An out-of-bounds write vulnerability exists in the CMDDEVICEGETSERVERLISTREQUEST...

The vulnerability of Adobe After Effects’ video and dynamic image editing software lies in the possibility of an operation going beyond the buffer in memory, allowing a hacker to execute arbitrary code.

The vulnerability of Adobe After Effects video and dynamic image editing software relates to the execution of operations beyond buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code on the target system...

The vulnerability of Adobe Audition for Windows and macOS, related to the operation of operations beyond buffer boundaries in memory, allows a hacker to execute arbitrary code.

The vulnerability of Adobe Audition for Windows and macOS relates to operations that occur beyond the buffer limits in memory. Exploiting this vulnerability can allow an attacker to cause memory corruption and execute arbitrary code on the target system...

The vulnerability of Adobe After Effects’ video and dynamic image editing software lies in the possibility of an operation going beyond the buffer in memory, allowing a hacker to execute arbitrary code.

The vulnerability of Adobe After Effects video and dynamic image editing software relates to the execution of operations beyond buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code on the target system using a specially created file...

The vulnerability of the professional video editing software Adobe Premiere Pro, related to recording data beyond the buffer limit in memory, allows a hacker to execute arbitrary code.

The vulnerability of the professional video editing software Adobe Premiere Pro lies in the recording of data beyond the buffer limit in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

The vulnerability of Adobe InDesign’s computer layout automation tool, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user, using a specially crafted file...

LibreCad libdxfrw dwgCompressor::copyCompBytes21 heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2021-1350 LibreCad libdxfrw dwgCompressor::copyCompBytes21 heap-based buffer overflow vulnerability November 17, 2021 CVE Number CVE-2021-21899 SUMMARY A code execution vulnerability exists in the dwgCompressor::copyCompBytes21 functionality of LibreCad libdxfrw...

The vulnerability of the professional video editing software Adobe Premiere Pro, related to recording data beyond the buffer limit in memory, allows a hacker to execute arbitrary code.

The vulnerability of the professional video editing software Adobe Premiere Pro lies in the recording of data beyond the buffer limit in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

LibreCad libdxfrw dwgCompressor::decompress18() out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2021-1349 LibreCad libdxfrw dwgCompressor::decompress18 out-of-bounds write vulnerability November 17, 2021 CVE Number CVE-2021-21898 SUMMARY A code execution vulnerability exists in the dwgCompressor::decompress18 functionality of LibreCad libdxfrw...

CVE-2021-41289

ASUS P453UJ contains the Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability. With a general user’s permission, local attackers can modify the BIOS by replacing or filling in the content of the designated Memory DataBuffer, which causing a failure of integrity...

CVE-2021-41289

ASUS P453UJ contains the Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability. With a general user’s permission, local attackers can modify the BIOS by replacing or filling in the content of the designated Memory DataBuffer, which causing a failure of integrity...

Design/Logic Flaw

ASUS P453UJ contains the Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability. With a general user’s permission, local attackers can modify the BIOS by replacing or filling in the content of the designated Memory DataBuffer, which causing a failure of integrity...

CVE-2021-41289

The CVE-2021-41289 entry concerns ASUS P453UJ BIOS firmware with an "Improper Restriction of Operations within the Bounds of a Memory Buffer" vulnerability. The issue enables a local attacker with general user permissions to modify the BIOS by replacing or padding the designated Memory DataBuffer...

CVE-2021-41289 ASUS P453UJ - Improper Restriction of Operations within the Bounds of a Memory Buffer

ASUS P453UJ contains the Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability. With a general user’s permission, local attackers can modify the BIOS by replacing or filling in the content of the designated Memory DataBuffer, which causing a failure of integrity...

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

PoC exploit for CVE-2020-0796 - SMBv3 RCE. The target product/service is SMB. The vulnerability class/vector is RCE Remote Code Execution. The probable entry point is the scanner.py script. Notable dependencies/tooling include the netaddr library. The execution context is a Python script invoked...

The vulnerability of the Foxit Reader text viewer program and the Foxit PhantomPDF PDF editing program, related to the execution of operations outside the buffer in memory, allows attackers to execute arbitrary code.

The vulnerability of the Foxit Reader text viewer program and the Foxit PhantomPDF PDF editing program lies in the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Siemens Nucleus ReadyStart incorrect access vulnerability

Siemens Nucleus ReadyStart is a bundled solution from Siemens Germany. It is used to accelerate the fast startup of complete systems and provides a rich board-level support package Bsp. Siemens Nucleus ReadyStart suffers from an incorrect access vulnerability that could be exploited by an attacke...

The vulnerability of the Fatek Automation Communication Server arises from operations that go beyond the buffer boundaries in memory, allowing attackers to cause service failures or execute arbitrary code.

The vulnerability of the Fatek Automation Communication Server lies in the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to cause service failures or execute arbitrary code by sending specially crafted requests...

Adobe InCopy memory buffer out-of-bounds access vulnerability

Adobe InCopy is a professional word processing program from Adobe, integrated with Adobe InDesign. Adobe InCopy 16.4 and earlier versions are vulnerable to a memory buffer out-of-bounds access vulnerability. An attacker could exploit the vulnerability to execute arbitrary code...

The vulnerability of the Windows operating system, related to the execution of operations beyond the buffer in memory, allows an attacker to execute arbitrary code.

The vulnerability of the Windows operating system is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...