6890 matches found
ASB-A-239267173
In toLanguageTag of LocaleListCache.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...
SUSE SLES12 Security Update : binutils (SUSE-SU-2022:4277-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4277-1 advisory. The following security bugs were fixed: - CVE-2019-1010204: Fixed out-of-bounds read in elfcpp/elfcppfile.h bsc1142579. -...
The vulnerability of the Mozilla Firefox browser’s graphical driver for Android allows a hacker to execute arbitrary code.
The vulnerability of the Mozilla Firefox browser’s graphical driver for Android is related to buffer overflow in the stack. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by opening a specially created web page...
OSV-2022-1208 Stack-buffer-overflow in cmap_put_ranges
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53711 Crash type: Stack-buffer-overflow READ 1 Crash state: cmapputranges psfwritecmap pdfwritecmap...
OSV-2022-1201 Stack-buffer-overflow in msc_zero_object
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53631 Crash type: Stack-buffer-overflow WRITE Crash state: msczeroobject msccreateobject musclecreatedirectory...
CVE-2022-36337
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. A stack buffer overflow vulnerability in the MebxConfiguration driver leads to arbitrary code execution. Control of a UEFI variable under the OS can cause this overflow when read by BIOS code...
Insyde InsydeH2O 缓冲区错误漏洞
Insyde InsydeH2O is a C-language source from Insyde Corporation of Taiwan, which implements the new technology "EFI/UEFI" specification designed to replace the traditional BIOS Basic Input/Output System. A security vulnerability exists in Insyde InsydeH2O versions 5.0 through 5.5, which is caused...
PT-2022-6575 · NetGear · Netgear Rax30
Name of the Vulnerable Software and Affected Versions: NETGEAR RAX30 affected versions not specified Description: The issue is related to the handling of JSON data and results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based...
CVE-2022-36337
CVE-2022-36337 affects Insyde InsydeH2O, with kernel 5.0–5.5. A stack buffer overflow in the MebxConfiguration driver can cause arbitrary code execution when a UEFI variable is read by BIOS code, potentially enabling local compromise. Remediation guidance present in PT-2022-23314 suggests tempora...
Stack overflow
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. A stack buffer overflow leads to arbitrary code execution in the SetupUtility driver on Intel platforms. An attacker can change the values of certain UEFI variables. If the size of the second variable exceeds the size of the...
CVE-2022-35407
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. A stack buffer overflow leads to arbitrary code execution in the SetupUtility driver on Intel platforms. An attacker can change the values of certain UEFI variables. If the size of the second variable exceeds the size of the...
Oracle Linux 9 : libtiff (ELSA-2022-8194)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-8194 advisory. 4.4.0-2 - Update to version 4.4.0 - Resolves: CVE-2022-0561 CVE-2022-0562 CVE-2022-22844 CVE-2022-0865 CVE-2022-0891 CVE-2022-0924 CVE-2022-0909...
CVE-2022-35407
The CVE concerns InsydeH2O’s SetupUtility driver on Intel platforms, affected versions 5.0–5.5. A stack buffer overflow from handling two UEFI variables allows arbitrary code execution when the second variable exceeds the first, enabling modification of certain UEFI variables. Impact is local, wi...
CVE-2022-35897
CVE-2022-35897 affects Insyde InsydeH2O kernel 5.0–5.5. A stack buffer overflow occurs when an attacker modifies certain UEFI variables, potentially causing arbitrary code execution. Exploitation requires direct SPI modification and the attacker must change at least two of three variables (Secure...
CVE-2022-35897
An stack buffer overflow vulnerability leads to arbitrary code execution issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. If the attacker modifies specific UEFI variables, it can cause a stack overflow, leading to arbitrary code execution. The specific variables are normally...
OSV-2022-1188 Stack-buffer-overflow in authentic_get_tagged_data
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53536 Crash type: Stack-buffer-overflow READ 1 Crash state: authenticgettaggeddata authenticparsecredentialdata authenticpingetpolicy...
OSV-2022-1177 Stack-buffer-overflow in FLAC::Decoder::FuzzerDecoder::metadata_callback
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53454 Crash type: Stack-buffer-overflow WRITE 8 Crash state: FLAC::Decoder::FuzzerDecoder::metadatacallback FLAC::Decoder::Stream::metadatacallback readmetadata...
OSV-2022-1175 Stack-buffer-overflow in sc_path_print
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53417 Crash type: Stack-buffer-overflow READ 1 Crash state: scpathprint scselectfile scpkcs15initrmdir...
Oracle Linux 8 : libtiff (ELSA-2022-7585)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-7585 advisory. 4.0.9-23 - Fix various CVEs - Resolves: CVE-2022-0561 CVE-2022-0562 CVE-2022-22844 CVE-2022-0865 CVE-2022-0891 CVE-2022-0924 CVE-2022-0909 CVE-2022-090...
libtiff: stack-buffer-overflow in tiffcp.c in main()
A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main function. This flaw allows an attacker to pass a crafted TIFF file to the tiffcp tool, triggering a stack buffer overflow issue, possibly corrupting the memory, and causing a crash that leads to a denial of service...