Out-of-bounds

In keymange, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07826586; Issue ID: ALPS07826586...

PT-2023-17586 · Mediatek · Mt6990 +3

Name of the Vulnerable Software and Affected Versions: MT6880 versions prior to patch ALPS07734004 MT6890 versions prior to patch ALPS07734004 MT6980 versions prior to patch ALPS07874358 MT6990 versions prior to patch ALPS07874358 Description: In the preloader, there is a possible out of bounds...

AlmaLinux 8 : kpatch-patch (ALSA-2023:3351)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2023:3351 advisory. - In the Linux kernel through 6.3.1, a use-after-free in Netfilter nftables when processing batch requests can be abused to perform arbitrary read and write...

Path traversal

In the Splunk App for Lookup File Editing versions below 4.0.1, a low-privileged user can, with a specially crafted web request, trigger a path traversal exploit that can then be used to read and write to restricted areas of the Splunk installation directory...

Code injection

Code injection vulnerability in Drive Explorer for macOS versions 3.5.4 and earlier allows an attacker who can login to the client where the affected product is installed to inject arbitrary code while processing the product execution. Since a full disk access privilege is required to execute LIN...

Autodesk PSKernel Out-of-bounds Read/Write (AutoCAD) (adsk-sa-2023-0009)

The version of Autodesk AutoCAD installed on the remote Windows host is a version prior to 2020.1.6, 2021.1.3, 2022.1.3 or 2023.1.1. It is, therefore, affected by multiple vulnerabilities. - A maliciously crafted pskernel.dll file in Autodesk AutoCAD 2023 may be used to trigger out-of-bound read...

CVE-2023-20700

In widevine, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07643304; Issue ID: ALPS07643304...

Out-of-bounds

In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07856356 / ALPS07874388 For MT6880 and MT6890 only; Issue I...

PT-2023-17566 · Google · Widevine

Name of the Vulnerable Software and Affected Versions: Widevine affected versions not specified Description: The issue is caused by a logic error, leading to a possible out of bounds write. This could result in local escalation of privilege, with System execution privileges needed. User interacti...

EulerOS 2.0 SP9 : httpd (EulerOS-SA-2023-1872)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool heap memory location beyond the header...

Out-of-bounds

In camera driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2023-1780)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DEBIAN-CVE-2023-2194

An out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver. The userspace "data-block0" variable was not capped to a number between 0-255 and was used as the size of a memcpy, possibly writing beyond the end of dmabuffer. This flaw could allow a local privilege...

CVE-2023-2194

An out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver. The userspace "data-block0" variable was not capped to a number between 0-255 and was used as the size of a memcpy, possibly writing beyond the end of dmabuffer. This flaw could allow a local privilege...

CVE-2022-48312

The CVE-2022-48312 entry concerns the HwPCAssistant module in Huawei/HarmonyOS, described as an out-of-bounds read/write vulnerability that may compromise confidentiality and integrity. The connected records identify the affected component (HwPCAssistant) and the underlying issue (out-of-bounds a...

CVE-2023-26415

Adobe Substance 3D Designer version 12.4.0 and earlier is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

EulerOS 2.0 SP8 : httpd (EulerOS-SA-2023-1596)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool heap memory location beyond the header...

Cross site scripting

Adobe Dimension version 3.4.8 and earlier is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

Out-of-bounds

The SMB protocol decoder in tcpdump version 4.99.3 can perform an out-of-bounds write when decoding a crafted network packet...

Out-of-bounds

In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628168; Issue ID: ALPS07589148...