AMD Embedded Processors Security Vulnerability

AMD Embedded Processors is a family of embedded high-performance GPUs from UltraMicroelectronics AMD. A security vulnerability exists in AMD Embedded Processors that stems from insufficient memory buffer checking in ASP...

Siemens Simcenter Femap

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

The vulnerability in the web interface of the wireless access point Tenda A15’s microprogramming software allows a perpetrator to execute arbitrary code.

The vulnerability in the web interface of the wireless access point Tenda A15 involves reading data beyond the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using the wpapskcrypto24g argument...

The vulnerability of the PMR_ReadBytes() function in the PowerVR GPU driver for Android and ChromeOS systems allows attackers to exploit their privileges.

The vulnerability of the PMRReadBytes function in the PowerVR GPU driver for Android and ChromeOS operating systems is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability can allow attackers to gain increased privileges...

The vulnerability of the MMU_UnmapPages() function in the PowerVR GPU driver for Android and ChromeOS allows a hacker to execute arbitrary code and gain elevated privileges.

The vulnerability of the MMUUnmapPages function in the PowerVR GPU driver for Android and ChromeOS systems is related to the execution of operations outside of memory buffers. Exploiting this vulnerability can allow attackers to gain increased privileges...

The vulnerability of the formWifiWpsOOB function in the microprogrammed software of Tenda AC10U routers allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the formWifiWpsOOB function in the microprogrammed operating system of Tenda AC10U lies in the reading of data outside the buffer in memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected...

Rockwell Automation ControlLogix and GuardLogix

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : ControlLogix, GuardLogix Vulnerability : Improper Restriction of Operations within the Bounds of a Memory Buffer 2. RISK EVALUATION Successful exploitation of...

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the execution of operations beyond the buffer in memory, allowing an attacker to execute arbitrary code.

The vulnerability in Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the execution of operations outside of the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

shadow-utils: possible password leak during passwd(1) change

A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from...

The vulnerability of the libxml2 library in operating systems macOS, iOS, and iPadOS allows attackers to trigger a service failure.

The vulnerability of the libxml2 library in operating systems such as macOS, iOS, and iPadOS is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

The vulnerability of the JXPath object processing library, related to the failure of the operation outside the buffer in memory, allows a attacker to trigger a service failure.

The vulnerability of the JXPath object processing library is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures...

The vulnerability of the AIX operating system, related to the execution of operations beyond the buffer in memory, allows an attacker to execute arbitrary commands.

The vulnerability of the AIX operating system is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary commands using invscout...

CISA urges urgent patching of two actively exploited Citrix NetScaler vulnerabilities

The Cybersecurity and Infrastructure Security Agency CISA has added two Citrix NetScaler vulnerabilities to its Known Exploited Vulnerabilities catalog, and it has set the “due date” a week after they were added. Federal Civilian Executive Branch FCEB agencies are handed specific deadlines for wh...

CVE-2024-22419

Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine. The concat built-in can write over the bounds of the memory buffer that was allocated for it and thus overwrite existing valid data. The root cause is that the buildIR for concat doesn't properly adhere to the API of co...

The vulnerability of the prog.cgi component in D-Link DIR-X3260 Wi-Fi routers allows a hacker to execute arbitrary code.

The vulnerability of the prog.cgi component in D-Link DIR-X3260 Wi-Fi routers involves reading data outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the prog.cgi component in D-Link DIR-X3260 Wi-Fi routers allows a hacker to execute arbitrary code.

The vulnerability of the prog.cgi component in D-Link DIR-X3260 Wi-Fi routers involves reading data outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Fedora 39 : redis (2024-6ef42a28c9)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-6ef42a28c9 advisory. Redis 7.2.4 Released Tue 09 Jan 2024 10:45:52 IST Upgrade urgency SECURITY: See security fixes below. Security fixes CVE-2023-41056 In some cases,...

CVE-2023-6549

Improper Restriction of Operations within the Bounds of a Memory Buffer in NetScaler ADC and NetScaler Gateway allows Unauthenticated Denial of Service and Out-Of-Bounds Memory Read...

CVE-2023-6549

Improper Restriction of Operations within the Bounds of a Memory Buffer in NetScaler ADC and NetScaler Gateway allows Unauthenticated Denial of Service and Out-Of-Bounds Memory Read...

CVE-2023-6549

Improper Restriction of Operations within the Bounds of a Memory Buffer in NetScaler ADC and NetScaler Gateway allows Unauthenticated Denial of Service and Out-Of-Bounds Memory Read...