20 matches found
Apple Security Advisory 05-11-2026-6
Apple Security Advisory 05-11-2026-6 - macOS Tahoe 26.5 addresses buffer overflow, bypass, code execution, denial of service, information leakage, integer overflow, null pointer, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities...
CVE-2025-52540
An improper input validation vulnerability within the AMD Platform Management Framework PMF Driver can allow a local attacker to write Out-of-Bounds, potentially resulting in privilege escalation...
Open SAE J1939 输入验证错误漏洞
Open SAE J1939 is a CAN bus communication protocol library for industrial vehicles by Daniel Mårtensson, a private developer. Open SAE J1939 suffers from an input validation error vulnerability that stems from an integer underflow in the transport protocol data transfer processing resulting in an...
CVE-2025-48518
Improper input validation in AMD Graphics Driver could allow a local attacker to write out of bounds, potentially resulting in loss of integrity or denial of service...
CVE-2024-36310
Improper input validation in the SMM communications buffer could allow a privileged attacker to perform an out of bounds read or write to SMRAM potentially resulting in loss of confidentiality or integrity...
Moderate: openssl security update
OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap CVE-2025-9230 For more details about the securi...
CVE-2023-39490
PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must vis...
USN-6602-1 linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities
Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. CVE-2023-20588 It was discovered...
MediaTek Chip Buffer Error Vulnerability
MediaTek chips are a variety of MediaTek chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips, which stems from a lack of valid range checking in imgsys, which may result in read and write out-of-bounds conditions...
AZL-34939 CVE-2022-33064 affecting package libsndfile for versions less than 1.2.2-1
An off-by-one error in function wavreadheader in src/wav.c in Libsndfile 1.1.0, results in a write out of bound, which allows an attacker to execute arbitrary code, Denial of Service or other unspecified impacts...
UBUNTU-CVE-2022-33064
An off-by-one error in function wavreadheader in src/wav.c in Libsndfile 1.1.0, results in a write out of bound, which allows an attacker to execute arbitrary code, Denial of Service or other unspecified impacts...
USN-5895-1 mplayer vulnerabilities
It was discovered that MPlayer could be made to divide by zero when processing certain malformed media files. If a user were tricked into opening a specially crafted media file, an attacker could possibly use this issue to cause MPlayer to crash, resulting in a denial of service. CVE-2022-38850,...
Ubuntu 18.04 LTS : Linux kernel (AWS) vulnerability (USN-5591-4)
The remote Ubuntu 18.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-5591-4 advisory. It was discovered that the virtual terminal driver in the Linux kernel did not properly handle VGA console font changes, leading to an out-of-bounds write. A loca...
SUSE: Security Advisory (SUSE-SU-2020:3065-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei P30 缓冲区错误漏洞
Huawei P30 is a smartphone from Chinese company Huawei Huawei. Huawei P30 suffers from a memory write out-of-bounds vulnerability. The vulnerability is due to insufficient validation of incoming parameters, a write out-of-bounds occurs in one of the system's protocols when processing a request...
Multiple Qualcomm Products Input Validation Error Vulnerability
A Qualcomm chip is a chip from Qualcomm Incorporated USA. It is a way of miniaturizing circuits mainly semiconductor devices, but also passive components, etc. and is often fabricated on the surface of semiconductor wafers. An input validation error vulnerability exists in multiple Qualcomm...
PYSEC-2020-137
In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a write out bounds / segmentation fault if the segment ids are not sorted. Code assumes that the segment ids are in increasing order, using the last element of the tensor holding them to determine the...
Huawei P20 Memory Write Overrun Vulnerability
Huawei P20 is a smartphone from Huawei. Huawei P20 suffers from a memory write out-of-bounds vulnerability. When the user performs certain query operations, the system does not properly process the returned response message, an attacker can send a well-constructed response message to the phone,...
CVE-2017-2816
An exploitable buffer overflow vulnerability exists in the tag parsing functionality of LibOFX 0.9.11. A specially crafted OFX file can cause a write out of bounds resulting in a buffer overflow on the stack. An attacker can construct a malicious OFX file to trigger this vulnerability...
FreeBSD : tidy -- heap-buffer-overflow (bd1ab7a5-0e01-11e5-9976-a0f3c100ae18)
Geoff McLane reports : tidy is affected by a write out of bounds when processing malformed html files. This issue could be abused on server side applications that use php-tidy extension with user input. The issue was confirmed, analyzed, and fixed by the tidy5 maintainer. %NASLMINLEVEL 70300 C...