28 matches found
Integer overflow in `array::ReadWrite::new()` leading to potential memory corruption
In array::ReadWrite::new line 83 of accessor/src/array.rs, let bytes = mem::sizeof:: len can overflow usize when len is very large. In release mode, this silently wraps, potentially making bytes = 0. The mapper then maps with 0 bytes, and subsequent accesses e.g. readvolatileat lead to undefined...
CVE-2026-39855
osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.13, an integer underflow vulnerability exists in osslsigncode version 2.12 and earlier in the PE page-hash computation code pepagehashcalc. When page hash processing is performed on a PE file, the function...
CVE-2026-39855
osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.13, an integer underflow vulnerability exists in osslsigncode version 2.12 and earlier in the PE page-hash computation code pepagehashcalc. When page hash processing is performed on a PE file, the function...
EUVD-2026-20944
osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.13, an integer underflow vulnerability exists in osslsigncode version 2.12 and earlier in the PE page-hash computation code pepagehashcalc. When page hash processing is performed on a PE file, the function...
CVE-2026-39855
osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.13, an integer underflow vulnerability exists in osslsigncode version 2.12 and earlier in the PE page-hash computation code pepagehashcalc. When page hash processing is performed on a PE file, the function...
PT-2026-31646
osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.13, an integer underflow vulnerability exists in osslsigncode version 2.12 and earlier in the PE page-hash computation code pe page hash calc. When page hash processing is performed on a PE file, the function...
CVE-2024-47248
Apache NimBLE
CVE-2024-24972
The CVE-2024-24972 issue affects Gallagher Controller 6000 and Controller 7000 via a Buffer Copy without Checking Size of Input in the diagnostic web interface, enabling an authorized and authenticated operator to reboot the controller and cause a Denial of Service. Affected firmware histories in...
CVE-2024-6918
CWE-120: Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability exists that could cause a crash of the Accutech Manager when receiving a specially crafted request over port 2536/TCP...
CVE-2024-6918
CVE-2024-6918 is a CWE-120 buffer overflow affecting Schneider Electric Accutech Manager. Connected docs indicate it can cause a crash of the Accutech Manager when handling a specially crafted request over port 2536/TCP, potentially affecting versions up to 2.8.0.0 (and earlier per some sources)....
CVE-2024-37040
CWE-120: Buffer Copy without Checking Size of Input ‘Classic Buffer Overflow’ vulnerability exists that could allow a user with access to the device’s web interface to cause a fault on the device when sending a malformed HTTP request...
CVE-2024-1969 Heap buffer overflow
Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in Secomea GateManager webserver modules allows crash of GateManager.This issue affects GateManager: from 9.7 before 11.2.624095033...
The vulnerability of the handle_image() function in the UEFI loader shim allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the handleimage function in the UEFI loader shim is related to the issue of writing data beyond the buffer boundaries when processing EFI files, taking into account the SizeOfRawData field. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause...
DEBIAN-CVE-2022-28737
There's a possible overflow in handleimage when shim tries to load and execute crafted EFI executables; The handleimage function takes into account the SizeOfRawData field from each section to be loaded. An attacker can leverage this to perform out-of-bound writes into memory. Arbitrary code...
SUSE CVE-2014-8092
Multiple integer overflows in X.Org X Window System aka X11 or X X11R1 and X.Org Server aka xserver and xorg-server before 1.16.3 allow remote authenticated users to cause a denial of service crash or possibly execute arbitrary code via a crafted request to the 1 ProcPutImage, 2 GetHosts, 3...
The vulnerability of the IncrementOffset() function in the TensorFlow machine learning system, which allows a hacker to trigger a service failure.
The vulnerability of the IncrementOffset function in the TensorFlow machine learning system is related to the violation of the buffer’s initial boundary when processing the sizeofchunk value. Exploiting this vulnerability can allow an attacker to trigger a service failure...
PT-2022-6874 · Shim +9 · Shim +9
Name of the Vulnerable Software and Affected Versions: shim affected versions not specified Description: The issue is related to the handle image function in the UEFI bootloader shim, which is vulnerable to a buffer overflow when processing EFI files that take into account the SizeOfRawData field...
CVE-2021-22824
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could result in denial of service, due to missing length check on user-supplied data from a constructed message received on the network. Affected Product: Interactive Graphical SCADA System Data Collector dc.exe...
CVE-2022-22723
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could lead to a buffer overflow causing program crashes and arbitrary code execution when specially crafted packets are sent to the device over the network. Protection functions and tripping function via GOOSE can be...
CVE-2022-22725
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could lead to a buffer overflow causing program crashes and arbitrary code execution when specially crafted packets are sent to the device over the network. Protection functions and tripping function via GOOSE can be...