Exploit for Out-of-bounds Write in Google Android

android-gadget Summary Certain revisions of the Linux ker...

Out Of Bounds Read And Write

chromium is vulnerable to Out Of Bounds Read And Write. A remote attacker is able to potentially exploit heap corruption via a crafted HTML page...

Path traversal

A path traversal vulnerability in Ivanti EPMM versions 11.10.x 11.10.0.3, 11.9.x 11.9.1.2 and 11.8.x 11.8.1.2 allows an authenticated administrator to write arbitrary files onto the appliance...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-6246-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6246-1 advisory. It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an...

CVE-2022-28734

Out-of-bounds write when handling split HTTP headers; When handling split HTTP headers, GRUB2 HTTP code accidentally moves its internal data buffer point by one position. This can lead to a out-of-bound write further when parsing the HTTP request, writing a NULL byte past the buffer. It's...

CVE-2022-28734

Out-of-bounds write when handling split HTTP headers; When handling split HTTP headers, GRUB2 HTTP code accidentally moves its internal data buffer point by one position. This can lead to a out-of-bound write further when parsing the HTTP request, writing a NULL byte past the buffer. It's...

CVE-2023-30651

Out of bounds read and write in callgetTspsysfs of sysinput HAL service prior to SMR Jul-2023 Release 1 allows local attackers to execute arbitrary code...

CVE-2023-31194

An improper array index validation vulnerability exists in the GraphPlanar::Write functionality of Diagon v1.0.139. A specially crafted markdown file can lead to memory corruption. A victim would need to open a malicious file to trigger this vulnerability...

Out-of-bounds

In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573237; Issue ID: ALPS07573202...

Out-of-bounds

In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07978760; Issue ID: ALPS07363410...

Samsung Mobile Devices Race Condition Vulnerability

Samsung mobile devices contain a race condition vulnerability within the MFC charger driver that leads to a use-after-free allowing for a write given a radio privilege is compromised...

CVE-2023-34146

An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate privileges and write an arbitrary value to specific Trend Micro agent subkeys on affected installations. Please note: an attacker must first...

CVE-2023-25003

A maliciously crafted pskernel.dll file in Autodesk AutoCAD 2023 and Maya 2022 may be used to trigger out-of-bound read write / read vulnerabilities. Exploitation of this vulnerability may lead to code execution...

CVE-2023-25518

Summary: CVE-2023-25518 affects NVIDIA Jetson devices due to a flaw in CBoot where the PCIe controller is initialized without an IOMMU. This can allow a physical attacker to read/write arbitrary memory, with potential results including code execution, denial of service, information disclosure, an...

CVE-2023-1183

A flaw was found in the Libreoffice package. An attacker can craft an odb containing a "database/script" file with a SCRIPT command where the contents of the file could be written to a new file whose location was determined by the attacker...

Out-of-bounds

In sdpubuilduuidseq of sdpdiscovery.cc, there is a possible out of bounds write due to a use after free. This could lead to remote code execution over Bluetooth, if HFP support is enabled, with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

EulerOS Virtualization 3.0.6.0 : httpd (EulerOS-SA-2023-2240)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool heap memory location...

OSV-2023-471 Heap-buffer-overflow in H5FS__sinfo_serialize_node_cb

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=59695 Crash type: Heap-buffer-overflow WRITE 1 Crash state: H5FSsinfoserializenodecb H5SLiterate H5FScachesinfoserialize...

Out-of-bounds

In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07796914; Issue ID: ALPS07796914...

Out-of-bounds

In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07796900; Issue ID: ALPS07796900...