The vulnerability of the Host KVM Daemon on the BMC – Baseboard Management Controller of the NVIDIA DGX A100 server allows a attacker to gain access to read, modify, or delete data, execute arbitrary code, or cause a service failure.

The vulnerability of the NVIDIA DGX A100 server’s Host KVM Daemon, a device management controller, lies in the fact that operation data is written outside of the buffer in memory. Exploiting this vulnerability allows an attacker to gain access to read, modify, or delete data, execute arbitrary...

The vulnerability of the Azure Storage Mover service arises from the possibility of the operation being executed outside the buffer in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the Azure Storage Mover service is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

CVE-2023-6334

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in HYPR Workforce Access on Windows allows Overflow Buffers.This issue affects Workforce Access: before 8.7...

CVE-2023-6334

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in HYPR Workforce Access on Windows allows Overflow Buffers.This issue affects Workforce Access: before 8.7...

Design/Logic Flaw

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in HYPR Workforce Access on Windows allows Overflow Buffers.This issue affects Workforce Access: before 8.7...

CVE-2023-6334

HYPR Workforce Access for Windows is affected by CVE-2023-6334 due to an improper restriction of operations within a memory buffer, leading to a buffer overflow. Affected product: HYPR Workforce Access (Windows); vulnerable component/condition: operations within a memory buffer not properly restr...

CVE-2023-6334

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in HYPR Workforce Access on Windows allows Overflow Buffers.This issue affects Workforce Access: before 8.7...

PT-2024-14931 · Hypr · Hypr Workforce Access

Name of the Vulnerable Software and Affected Versions: HYPR Workforce Access versions prior to 8.7 Description: The issue is related to an Improper Restriction of Operations within the Bounds of a Memory Buffer, which allows Overflow Buffers. This can be exploited in HYPR Workforce Access on...

HYPR Buffer Error Vulnerability

HYPR is a security application from HYPR that implements passwordless security. A security vulnerability exists in HYPR versions prior to 8.7 that stems from a buffer overflow due to improperly restricted operations within a memory buffer range...

PT-2024-1102 · Citrix · Citrix Netscaler Adc +1

Name of the Vulnerable Software and Affected Versions: Citrix NetScaler ADC and NetScaler Gateway affected versions not specified Description: The issue is related to improper restriction of operations within the bounds of a memory buffer in Citrix NetScaler ADC and NetScaler Gateway, allowing...

The vulnerability of Siemens Solid Edge’s design and simulation tools relates to writing beyond buffer boundaries in memory, allowing a malicious actor to execute arbitrary code.

The vulnerability of Siemens Solid Edge’s design and simulation tools relates to the writing of code beyond buffer boundaries in memory. Exploiting this vulnerability can allow attackers to execute arbitrary code using specially crafted PAR files...

The vulnerability of Siemens Solid Edge’s design and simulation tools relates to writing beyond buffer boundaries in memory, allowing a hacker to execute arbitrary code.

The vulnerability of Siemens Solid Edge’s design and simulation tools relates to the writing of code beyond buffer boundaries in memory. Exploiting this vulnerability can allow attackers to execute arbitrary code using specially crafted PAR files...

The vulnerability of Siemens Solid Edge’s design and simulation tools relates to writing beyond buffer boundaries in memory, allowing a hacker to execute arbitrary code.

The vulnerability of Siemens Solid Edge’s design and simulation tools relates to the writing of code beyond buffer boundaries in memory. Exploiting this vulnerability can allow attackers to execute arbitrary code using specially crafted PAR files...

CVE-2023-41056 Redis vulnerable to integer overflow in certain payloads

Redis is an in-memory database that persists on disk. Redis incorrectly handles resizing of memory buffers which can result in integer overflow that leads to heap overflow and potential remote code execution. This issue has been patched in version 7.0.15 and 7.2.4...

CVE-2023-41056

CVE-2023-41056 affects Redis and is fixed in Redis 7.0.15 and 7.2.4. The issue arises from incorrect handling of memory buffer resizing, causing an integer overflow that can trigger a heap overflow and potential remote code execution. Public references in various advisories (e.g., Fedora/Red Hat/...

CVE-2023-41056

Redis is an in-memory database that persists on disk. Redis incorrectly handles resizing of memory buffers which can result in integer overflow that leads to heap overflow and potential remote code execution. This issue has been patched in version 7.0.15 and 7.2.4...

PT-2024-1084 · Microsoft · Azure Storage Mover

Name of the Vulnerable Software and Affected Versions: Azure Storage Mover affected versions not specified Description: The issue is related to a buffer overflow in memory, allowing an attacker to execute arbitrary code. Recommendations: At the moment, there is no information about a newer versio...

GTKWave LXT2 num_time_table_entries out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2023-1819 GTKWave LXT2 numtimetableentries out-of-bounds write vulnerability January 8, 2024 CVE Number CVE-2023-34436 SUMMARY An out-of-bounds write vulnerability exists in the LXT2 numtimetableentries functionality of GTKWave 3.3.115. A specially crafted .lxt2...

GTKWave EVCD var len parsing improper array index validation vulnerability

Talos Vulnerability Report TALOS-2023-1803 GTKWave EVCD var len parsing improper array index validation vulnerability January 8, 2024 CVE Number CVE-2023-34087 SUMMARY An improper array index validation vulnerability exists in the EVCD var len parsing functionality of GTKWave 3.3.115. A specially...

GTKWave VCD var definition section out-of-bounds read vulnerabilities

Talos Vulnerability Report TALOS-2023-1805 GTKWave VCD var definition section out-of-bounds read vulnerabilities January 8, 2024 CVE Number CVE-2023-37447,CVE-2023-37446,CVE-2023-37445,CVE-2023-37444,CVE-2023-37442,CVE-2023-37443 SUMMARY Multiple out-of-bounds read vulnerabilities exist in the VC...