92 matches found
CVE-2024-38616
CVE-2024-38616 affects the Linux kernel wifi: carl9170 stack. The issue is a fortified-memset warning triggered in carl9170_tx_release (inlined via kref_put and carl9170_tx_put_skb) in randconfig builds. The root cause is a Fortify warning in fortify_memset_chk due to memory bounds handling; patc...
CVE-2024-38569 drivers/perf: hisi_pcie: Fix out-of-bound access when valid event group
In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisipcie: Fix out-of-bound access when valid event group The perf tool allows users to create event groups through following cmd 1, but the driver does not check whether the array index is out of bounds when writing...
CVE-2024-38569 drivers/perf: hisi_pcie: Fix out-of-bound access when valid event group
In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisipcie: Fix out-of-bound access when valid event group The perf tool allows users to create event groups through following cmd 1, but the driver does not check whether the array index is out of bounds when writing...
CVE-2024-38568 drivers/perf: hisi: hns3: Fix out-of-bound access when valid event group
In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: hns3: Fix out-of-bound access when valid event group The perf tool allows users to create event groups through following cmd 1, but the driver does not check whether the array index is out of bounds when writi...
CVE-2024-27342
Kofax Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a...
OESA-2023-1606 ghostscript security update
Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal...
CVE-2023-40031 Notepad++ vulnerable to heap buffer write overflow in Utf8_16_Read::convert
Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to heap buffer write overflow in Utf816Read::convert. This issue may lead to arbitrary code execution. As of time of publication, no known patches are available in existing versions of Notepad++...
SUSE CVE-2017-10699
avcodec 2.2.x, as used in VideoLAN VLC media player 2.2.7-x before 2017-06-29, allows out-of-bounds heap memory write due to calling memcpy with a wrong size, leading to a denial of service application crash or possibly code execution...
SUSE CVE-2017-10979
An FR-GV-202 issue in FreeRADIUS 2.x before 2.2.10 allows "Write overflow in radcoalesce" - this allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code...
Why Did the OpenSSL Punycode Vulnerability Happen
Some room-temperature takes on yesterdays not-quite-RCE vulnerabilities in OpenSSL 3.0, and on what there is to learn about safe cryptography engineering. A recap Yesterday OpenSSL published version 3.0.7, which was pre-announced to contain a fix for a CRITICAL vulnerability, the first one since...
The vulnerability of the `system login block-for` command in Cisco NX-OSS routing devices allows a attacker to cause a service failure.
The vulnerability of the system login block-for command in the Cisco NX-OS networking operating system’s routers is related to data writing beyond the buffer. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
The vulnerability of the FATEK WinProladder controller programming software lies in the fact that the write operation can exceed the buffer boundaries into memory. This allows a malicious actor to execute arbitrary code or cause a service failure.
The vulnerability of the FATEK WinProladder controller programming software lies in the fact that the write operation goes beyond the buffer boundaries into memory during PDW-file syntax analysis. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause system failures...
CVE-2021-39544
An issue was discovered in sela through 20200412. file::WavFile::writeToFile in wavfile.c has a heap-based buffer overflow...
UBUNTU-CVE-2021-38185
GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c dsfgetstr integer overflow that triggers an out-of-bounds heap write. NOTE: it is unclear whether there are common cases where the pattern file, associated with the -E option, is...
CVE-2020-17419
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2020-1894
A stack write overflow in WhatsApp for Android prior to v2.20.35, WhatsApp Business for Android prior to v2.20.20, WhatsApp for iPhone prior to v2.20.30, and WhatsApp Business for iPhone prior to v2.20.30 could have allowed arbitrary code execution when playing a specially crafted push to talk...
CVE-2019-9357
In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112662995...
CVE-2019-2007
In getReadIndex and getWriteIndex of FifoControllerBase.cpp, there is a possible out-of-bounds write due to an integer overflow. This could lead to local escalation of privilege in the audio server with no additional execution privileges needed. User interaction is not needed for...
DEBIAN-CVE-2018-12115
In all versions of Node.js prior to 6.14.4, 8.11.4 and 10.9.0 when used with UCS-2 encoding recognized by Node.js under the names 'ucs2', 'ucs-2', 'utf16le' and 'utf-16le', Bufferwrite can be abused to write outside of the bounds of a single Buffer. Writes that start from the second-to-last...
FreeBSD : GraphicsMagick -- SVG/Rendering vulnerability (e714b7d2-39f6-4992-9f48-e6b2f5f949df)
GraphicsMagick News : Fix heap write overflow of PrimitiveInfo and PointInfo arrays. This is another manefestation of CVE-2016-2317, which should finally be fixed correctly due to active detection/correction of pending overflow rather than using estimation. C Tenable Network Security, Inc. The...