Intel Data Center Graphics Driver 缓冲区错误漏洞

The Intel Data Center Graphics Driver is a set of graphics drivers developed by Intel Corporation for data center GPUs and graphics acceleration devices. Versions of the Intel Data Center Graphics Driver prior to 2.0.2 contained a buffer error vulnerability. This vulnerability stemmed from...

CVE-2021-47789

Yenkee Hornet Gaming Mouse driver GM312Fltr.sys contains a buffer overrun vulnerability that allows attackers to crash the system by sending oversized input. Attackers can exploit the driver by sending a 2000-byte buffer through DeviceIoControl to trigger a kernel-level system crash...

CVE-2021-47789

Yenkee Hornet Gaming Mouse driver GM312Fltr.sys contains a buffer overrun vulnerability that allows attackers to crash the system by sending oversized input. Attackers can exploit the driver by sending a 2000-byte buffer through DeviceIoControl to trigger a kernel-level system crash...

EUVD-2023-34418

Malicious code in bioql PyPI...

EUVD-2024-25845

Malicious code in bioql PyPI...

CVE-2019-14021

Possible buffer overrun when processing EFS filename and payload sent over diag interface due to lack of check for filename length and payload size received in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in...

CVE-2024-49971

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Increase array size of dummyboolean WHY dml2coresharedmodesupport and dmlcoremodesupport access the third element of dummyboolean, i.e. hwdebug5 = &s-dummyboolean2, when dummyboolean has size of 2. Any assignment...

CVE-2024-49971 drm/amd/display: Increase array size of dummy_boolean

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Increase array size of dummyboolean WHY dml2coresharedmodesupport and dmlcoremodesupport access the third element of dummyboolean, i.e. hwdebug5 = &s-dummyboolean2, when dummyboolean has size of 2. Any assignment...

The vulnerability of the Windows Hyper-V hardware virtualization system allows attackers to escalate their privileges.

The vulnerability of the Windows Hyper-V hardware virtualization system in Windows operating systems is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to gain increased privileges...

The vulnerability of NFS clients on FreeBSD systems, which allows attackers to access confidential information

The vulnerability of NFS client operating systems on FreeBSD lies in the operation beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to access confidential information...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-2898)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the DDP microprogramming software-based wireless access points from D-Link, model DAP-2622, allows a intruder to execute any arbitrary code.

The vulnerability of the DDP microprogramming software used in D-Link DAP-2622 wireless access points lies in the fact that the execution of commands is carried out outside of the buffer in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code...

The vulnerability of the Foxboro.sys driver of the distributed system management software EcoStruxureTM Foxboro DCS Control Core Services allows a attacker to execute arbitrary code.

The vulnerability of the Foxboro.sys driver, a microprogramming software for the distributed control system EcoStruxureTM Foxboro DCS Control Core Services, is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code by...

SAMSUNG Blockchain Keystore 缓冲区错误漏洞

SAMSUNG Blockchain Keystore is Samsung's system tool for creating, storing, managing, and backing up private keys. A security vulnerability exists in SAMSUNG Blockchain Keystore versions prior to 1.3.12.1, which stems from an out-of-bounds write vulnerability when handling BCTUICMDUPDATESCREEN...

PT-2023-19514 · Canonical +4 · Sgt-Puzzles

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: A crafted save file can cause a buffer overrun in the Undead puzzle. There is no information available about the estimated number of potentially affecte...

Fedora 37 : mingw-zstd (2023-7fd02c2367)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-7fd02c2367 advisory. Update to zstd-1.5.4, fixes CVE-2022.4899. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...

CVE-2023-28638 Stack references to locations outside buffers may become invalid if they exist during a GC compaction in Snappier

Snappier is a high performance C implementation of the Snappy compression algorithm. This is a buffer overrun vulnerability that can affect any user of Snappier 1.1.0. In this release, much of the code was rewritten to use byte references rather than pointers to pinned buffers. This change...

Medium: ruby20

Issue Overview: A buffer overrun vulnerability was found in Ruby. The issue occurs in a conversion algorithm from a String to a Float that causes process termination due to a segmentation fault, but under limited circumstances. This flaw may cause an illegal memory read. CVE-2022-28739 Affected...

The vulnerabilities of the functions parse_hello_subtlv(), parse_ihu_subtlv(), and parse_update_subtl() in the software for implementing network routing on Unix-like systems allow a hacker to execute arbitrary code.

The vulnerability of the functions parsehellosubtlv, parseihusubtlv, and parseupdatesubtl babeld/message.c of the software tool for implementing networking routing on Unix-like systems is related to the escape of operations outside of the buffer in memory. Exploiting this vulnerability could allo...

PT-2022-19134 · Bentley · Microstation Connect

Name of the Vulnerable Software and Affected Versions: Bentley MicroStation CONNECT version 10.16.02.34 Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a malicio...