OSV-2023-850 Heap-buffer-overflow in bit_TV_to_utf8

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62363 Crash type: Heap-buffer-overflow WRITE 1 Crash state: bitTVtoutf8 jsoncquote dwgjsonLAYOUTprivate...

OSV-2023-849 Stack-buffer-overflow in ulocimp_toLanguageTag_74

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62348 Crash type: Stack-buffer-overflow WRITE 1 Crash state: ulocimptoLanguageTag74 icu74::Locale::toLanguageTag localemorphfuzzer.cpp...

CVE-2022-47637

The installer in XAMPP through 8.1.12 allows local users to write to the C:\xampp directory. Common use cases execute files under C:\xampp with administrative privileges...

CVE-2023-4881

Removed by vendor...

CVE-2022-30640 Adobe Illustrator Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Adobe Illustrator versions 26.0.2 and earlier and 25.4.5 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious...

CVE-2023-39352

A flaw was found in FreeRDP. An out-of-bounds write may occur when the values rect-left and rect-top are exactly equal to surface-width and surface-height. eg. rect-left == surface-width && rect-top == surface-height. This issue can result in a crash...

CVE-2023-4754 Out-of-bounds Write in gpac/gpac

Out-of-bounds Write in GitHub repository gpac/gpac prior to 2.3-DEV...

Out-of-bounds

In netdagent, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07944012; Issue ID: ALPS07944012...

Out-of-bounds

In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08014144...

Out-of-bounds

In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08014148...

Out-of-bounds

In imgsys, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326441...

Out-of-bounds

In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08014156...

CVE-2023-20840

CVE-2023-20840 affects imgsys with a possible out-of-bounds read/write caused by missing valid-range checks. Exploitation requires user interaction and can grant local escalation of privilege with system execution privileges. A patch is referenced: ALPS07326430 (Issue ALPS07326430). No additional...

CVE-2023-39741

The CVE-2023-39741 vulnerability affects lrzip v0.651, where a heap overflow in libzpaq::PostProcessor::write(int) can be triggered by a crafted file to cause a Denial of Service. The available connected documents confirm the root cause in /libzpaq/libzpaq.cpp and consistently describe DoS impact...

CVE-2023-39125

NTSC-CRT 2.2.1 has an integer overflow and out-of-bounds write in loadBMP in bmprw.c because a file's width, height, and BPP are not validated. NOTE: the vendor's perspective is "this main application was not intended to be a well tested program, it's just something to demonstrate it works and fo...

CVE-2023-39405

CVE-2023-39405 is described as an out-of-bounds parameter read/write vulnerability in the Wi‑Fi module of Huawei HarmonyOS. The issue, when exploited, may allow escalation of privileges and cause other apps to be executed with higher privileges. The provided documents identify the affected platfo...

Huawei HarmonyOS out-of-bounds write vulnerability (CNVD-2023-64092)

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from an out-of-bounds write vulnerability, which stems from a parameter out-of-bounds read/write in the WLAN module. An attacker can...

OSV-2023-674 Heap-buffer-overflow in get_grouplength

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61269 Crash type: Heap-buffer-overflow WRITE 4 Crash state: getgrouplength getbranchlength getgrouplength...

Siemens Parasolid 缓冲区错误漏洞

Parasolid is a 3D geometric modeling tool that supports a variety of techniques including solid modeling, direct editing, and free-form surface/table modeling.Teamcenter Visualization enables organizations to enhance their product lifecycle management PLM environments with a range of comprehensiv...

Out-of-bounds

In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767811; Issue ID: ALPS07767811...