CVE-2020-7550

A CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in IGSS Definition Def.exe version 14.0.0.20247 and prior that could cause Remote Code Execution when malicious CGF Configuration Group File file is imported to IGSS Definition...

CVE-2020-7550

CVE-2020-7550 affects Schneider Electric IGSS Definition (Def.exe) >=14.0.0.20247. The issue is an improper restriction of operations within the bounds of a memory buffer during CGF file parsing, leading to remote code execution when a malicious CGF is imported. The root cause is a stack-based...

The vulnerability of the Microsoft Exchange Server mail server arises from a transaction that occurs outside the buffer in memory, allowing an attacker to execute arbitrary code.

The vulnerability of Microsoft Exchange Server arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of the Intel Active Management Technology implementation arises from the possibility of writing operations outside of the buffer in memory, allowing an attacker to exploit their privileges.

The vulnerability of the Intel Active Management Technology implementation is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to enhance their privileges...

The vulnerability of Moxa EDR-G902, Moxa EDR-G903, and Moxa EDR-810 microprogrammed router software lies in the fact that operations are performed outside the buffer in memory, allowing an intruder to gain unauthorized access to protected information.

The vulnerability of Moxa EDR-G902, Moxa EDR-G903, and Moxa EDR-810 microprogrammed router software lies in the fact that the operation data is written outside the buffer in memory. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected...

The vulnerability of the Cisco Webex Network Recording Player and Cisco Webex Player for Windows operating systems arises from the operation beyond buffer boundaries in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the Cisco Webex Network Recording Player and Cisco Webex Player for Windows operating systems is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

The vulnerability of the Adobe Animate software for creating multimedia and computer animations lies in its ability to read data beyond the buffer in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the Adobe Animate program for creating multimedia and computer animations is related to reading data outside the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user...

Schneider Electric Interactive Graphical SCADA System (IGSS)

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Schneider Electric Equipment: Interactive Graphical SCADA System IGSS Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Out-of-bounds Write, Out-of-bounds Read 2. RISK EVALUATION...

The vulnerability of Adobe Illustrator’s graphic editor lies in the possibility of an operation going beyond the buffer boundaries in memory, allowing a hacker to execute arbitrary code.

The vulnerability of Adobe Illustrator’s graphic editor is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user...

Pixar OpenUSD binary file format offset seek information leak vulnerability

Summary An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles file offsets in binary USD files. A specially crafted malformed file can trigger an arbitrary out-of-bounds memory access that could lead to the disclosure of sensitive information. This vulnerability could be used...

Pixar OpenUSD binary file format specs memory corruption

Summary An out-of-bounds memory corruption vulnerability exists in the way Pixar OpenUSD 20.05 uses SPECS data from binary USD files. A specially crafted malformed file can trigger an out-of-bounds memory access and modification which results in memory corruption. To trigger this vulnerability, t...

The vulnerability of Google Chrome’s browser, related to writing beyond the memory buffer, allows attackers to bypass the sandboxing protection mechanism.

The vulnerability of Google Chrome relates to the writing beyond the memory buffer. Exploiting this vulnerability allows a malicious actor to bypass the sandboxing mechanism by using a specially crafted HTML page...

PT-2020-5730 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to a denial-of-service vulnerability in the User Profile Service of Windows operating systems, caused by a buffer overflow in memory. This vulnerability can be exploite...

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

CVE-2020-0796-POC 受影响系统版本 漏洞不影响win7，漏洞影响Windows 10 1903之后的各个...

The vulnerability of the mfr_print() function in the tcpdump utility for capturing and analyzing network traffic allows a hacker to induce a service failure.

The vulnerability of the mfrprint function in the tcpdump network traffic capture and analysis utility is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

Mitsubishi Electric GT14 Model of GOT1000 Series

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Mitsubishi Electric Equipment: GT14 model of GOT1000 Series Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Session Fixation, NULL Pointer Dereference,...

The vulnerability of the Windows Codecs Library component in Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the Windows Codecs Library component in Windows operating systems is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

The vulnerability of the Windows Error Reporting error reporting service allows a perpetrator to elevate their privileges and gain unauthorized access to protected information.

The vulnerability of the Windows Error Reporting error reporting service in the Windows operating system is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to enhance their privileges and gain unauthorized access to protected...

The vulnerability of the Group Policy Services in the Windows operating system allows a perpetrator to increase their privileges.

The vulnerability of Group Policy Services in the Windows operating system is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to increase their privileges...

The vulnerability of the Click-to-Run component of Microsoft Office applications, which stems from the operation of transferring data out of the buffer into memory, allows attackers to exploit their privileges.

The vulnerability of the Click-to-Run component of Microsoft Office applications relates to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability can allow attackers to enhance their privileges through a specially created file...