freerdp: FreeRDP heap-buffer-overflow

A heap based buffer overflow has been discovered in FreeRDP. In affected versions the URBDRC client does not perform bounds checking on server‑supplied MSUSBINTERFACEDESCRIPTOR values and uses them as indices in libusbudevcompletemsconfigsetup, causing an out‑of‑bounds read...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a lack of bounds checking in handleauthsessionkey, which could lead to out-of-bounds writes...

CVE-2024-41590

Several CGI endpoints are vulnerable to buffer overflows, by authenticated users, because of missing bounds checking on parameters passed through POST requests to the strcpy function on DrayTek Vigor310 devices through 4.3.2.6...

MediaTek Chipsets 缓冲区错误漏洞

MediaTek Chipsets are a variety of chips from China's MediaTek Corporation MediaTek. A buffer error vulnerability exists in MediaTek Chipsets, which stems from the Modem module containing a missing bounds checking issue that could lead to out-of-bounds writes...

Google Pixel 安全漏洞

Google Pixel is a smartphone from Google USA. Google Pixel suffers from a security vulnerability that stems from a lack of bounds checking, resulting in a stack buffer overflow. An attacker can escalate privileges by exploiting the vulnerability...

CVE-2024-41590

Several CGI endpoints are vulnerable to buffer overflows, by authenticated users, because of missing bounds checking on parameters passed through POST requests to the strcpy function on DrayTek Vigor310 devices through 4.3.2.6...

CVE-2024-41590

CVE-2024-41590 affects DrayTek Vigor310 routers, where the web UI CGI endpoints expose a buffer overflow via missing bounds checks on POST parameters passed to strcpy. Affected firmware includes versions up to 4.3.2.6, and exploitation requires authenticated access. The Red Hat/NCSC/PT-Security e...

CVE-2024-4640 OnCell G3470A-LTE Series: Authenticated Command Injection via sendTestEmail

OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to missing bounds checking on buffer operations. An attacker could write past the boundaries of allocated buffer regions in memory, causing a program crash...

UNISOC chipset缓冲区错误漏洞

UNISOC chipset is an integrated circuit chipset from China's Zilight Spreadtrum UNISOC. A security vulnerability exists in the UNISOC chipset that stems from a lack of bounds checking in the wlan driver, resulting in a denial of service...

Out-of-bounds

Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 11 is missing. Improper restriction of operations within the bounds of a memory buffer might lead to information disclosure, denial of service, or escalation of privileges...

Out-of-bounds

Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 9 is missing. Improper restriction of operations within the bounds of a memory buffer might lead to escalation of privileges, information disclosure, and denial of service...

Google Android Remote Code Execution Vulnerability (CNVD-2019-35242)

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. A remote code execution vulnerability exists in Google Android 10. The vulnerability stems from an out-of-bounds write problem in libxaac in Android caused by a lac...

Google Android Remote Code Execution Vulnerability (CNVD-2019-35243)

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. A remote code execution vulnerability exists in Google Android 10. The vulnerability stems from an out-of-bounds write problem in libxaac in Android caused by a lac...

Design/Logic Flaw

In GPAC 0.7.1 and earlier, gftextgetutf8line in mediatools/textimport.c in libgpacstatic.a allows an out-of-bounds write because of missing szLineConv bounds checking...

Google Android Buffer Overflow Vulnerability (CNVD-2019-27575)

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. A buffer overflow vulnerability exists in the 'impddrcparsecoeff' function of the impddrcstaticpayload.c file in Android version 9, which stems from a lack of boundary checking in...