The vulnerability in the implementation of the Secure Boot protocol for operating systems with Windows, which allows attackers to circumvent existing security restrictions.

The vulnerability of the Secure Boot protocol for Windows operating systems lies in the fact that operations may go beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to circumvent existing security restrictions remotely...

PT-2024-4967 · Microsoft · Windows 10 +1

Name of the Vulnerable Software and Affected Versions: microsoft windows 10 1607 version Description: The issue is related to an elevation-of-privilege vulnerability in the Windows Kernel-Mode Driver. It is caused by a buffer overflow in memory, which can be exploited by an attacker to gain...

PT-2024-4682 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to a buffer overflow in memory, which can be exploited by a remote attacker to bypass existing security restrictions. This allows attackers to affect the system...

CVE-2024-1305

tap-windows6 driver version 9.26 and earlier does not properly check the size data of incomming write operations which an attacker can use to overflow memory buffers, resulting in a bug check and potentially arbitrary code execution in kernel space...

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Sophos Hitmanpro

HackSys Extreme Vulnerable Driver HEVD - BufferOverflowNonPa...

The vulnerability of Siemens Solid Edge’s design and simulation tools relates to the execution of operations beyond the buffer boundaries in memory. This allows attackers to execute arbitrary code.

The vulnerability of Siemens Solid Edge’s design and simulation tools relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow attackers to execute arbitrary code using specially created PAR files...

The vulnerability of Parasolid’s 3D geometric modeling tool, related to reading data beyond the buffer in memory, allows a hacker to execute arbitrary code.

The vulnerability of Parasolid’s 3D geometric modeling tool lies in the reading of data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code using specially created XT files...

CVE-2024-21482 Improper Restriction of Operations within the Bounds of a Memory Buffer in Linux Boot Loader

Memory corruption during the secure boot process, when the bootm command is used, it bypasses the authentication of the kernel/rootfs image...

CVE-2024-0153

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Arm Ltd Valhall GPU Firmware, Arm Ltd Arm 5th Gen GPU Architecture Firmware allows a local non-privileged user to make improper GPU processing operations to access a limited amount outside of buffer bounds. I...

CVE-2024-0153 Mali GPU Firmware allows improper GPU processing operations

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Arm Ltd Valhall GPU Firmware, Arm Ltd Arm 5th Gen GPU Architecture Firmware allows a local non-privileged user to make improper GPU processing operations to access a limited amount outside of buffer bounds. I...

CVE-2024-0153 Mali GPU Firmware allows improper GPU processing operations

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Arm Ltd Valhall GPU Firmware, Arm Ltd Arm 5th Gen GPU Architecture Firmware allows a local non-privileged user to make improper GPU processing operations to access a limited amount outside of buffer bounds. I...

CVE-2024-0153

Summary of CVE-2024-0153 (Arm Mali Valhall GPU Firmware + Arm 5th Gen GPU Architecture Firmware) A local, non-privileged user can perform improper GPU processing operations to access memory outside the bounds of a buffer, potentially granting access to all system memory. Affected: Arm Valhall GPU...

The vulnerability of the TCP/IP protocol stack implementation in the real-time operating system FreeRTOS-Plus-TCP allows a attacker to execute arbitrary code.

The vulnerability of the TCP/IP protocol stack implementation in the real-time operating system FreeRTOS-Plus-TCP lies in the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a specially...

Improper Restriction of Operations within the Bounds of a Memory Buffer and Race Condition in crossbeam-utils

...

CVE-2024-4640 OnCell G3470A-LTE Series: Authenticated Command Injection via sendTestEmail

OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to missing bounds checking on buffer operations. An attacker could write past the boundaries of allocated buffer regions in memory, causing a program crash...

The vulnerability of the Adobe Media Encoder application, related to the execution of operations beyond the buffer in memory, allows an attacker to disclose protected information.

The vulnerability of the Adobe Media Encoder application relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to disclose sensitive information that is protected by the system’s security measures...

The vulnerability of the PushShortPixel() function in the program for reading and editing files in multiple graphic formats supported by ImageMagick allows a attacker to cause a service failure.

The vulnerability of the PushShortPixel function in the program for reading and editing images in multiple graphic formats developed by ImageMagick is related to improper restrictions on operations within the memory buffer. Exploiting this vulnerability could allow an attacker to cause a service...

The vulnerability of WebRTC implementations in Google Chrome and Microsoft Edge browsers allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of WebRTC implementations in Google Chrome and Microsoft Edge stems from the execution of operations beyond the buffer in memory. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information by...

The vulnerability of the ksmbd_nl_policy() function in the implementation of the SMB (Server Message Block) protocol within the in-core CIFS/SMB3-server ksmbd server of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the ksmbdnlpolicy function in the fs/smb/server/transportipc.c module, which is part of the Server Message Block network protocol implementation in the ksmbd server kernel of the Linux operating system, relates to memory reading beyond the allocated buffer. Exploiting this...

CVE-2021-47544

In the Linux kernel, the following vulnerability has been resolved: tcp: fix page frag corruption on page fault Steffen reported a TCP stream corruption for HTTP requests served by the apache web-server using a cifs mount-point and memory mapping the relevant file. The root cause is quite similar...