PT-2023-13090 · Unknown · Keyinstall

Name of the Vulnerable Software and Affected Versions: keyinstall affected versions not specified Description: The issue is related to an integer overflow in keyinstall, which can cause an out of bounds write. This could lead to local escalation of privilege, requiring System execution privileges...

PT-2023-13089 · Gps · Gps

Name of the Vulnerable Software and Affected Versions: gps affected versions not specified Description: The issue is related to a possible out of bounds write in gps due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. Use...

CVE-2022-0566

It may be possible for an attacker to craft an email message that causes Thunderbird to perform an out-of-bounds write of one byte when processing the message. This vulnerability affects Thunderbird 91.6.1...

OpenImageIO RLE encoded BMP image out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2022-1630 OpenImageIO RLE encoded BMP image out-of-bounds write vulnerability December 22, 2022 CVE Number CVE-2022-38143 SUMMARY A heap out-of-bounds write vulnerability exists in the way OpenImageIO v2.3.19.0 processes RLE encoded BMP images. A specially-crafted...

EulerOS 2.0 SP10 : samba (EulerOS-SA-2022-2856)

According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which could permit unprivileged users to write it...

CVE-2022-41992

A memory corruption vulnerability exists in the VHD File Format parsing CXSPARSE record functionality of PowerISO PowerISO 8.3. A specially-crafted file can lead to an out-of-bounds write. A victim needs to open a malicious file to trigger this vulnerability...

Design/Logic Flaw

A vulnerability in import module of Apache Atlas allows an authenticated user to write to web server filesystem. This issue affects Apache Atlas versions from 0.8.4 to 2.2.0...

CVE-2022-20411

In avdtmsgasmbl of avdtmsg.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10...

Important: libtiff

Issue Overview: A flaw was found in libtiffs tiffcrop utility that has a uint32t underflow that can lead to an out-of-bounds read and write. This flaw allows an attacker who supplies a crafted file to tiffcrop to cause a crash or, in some cases, further exploitation. CVE-2022-2867 Affected...

Important: samba

Issue Overview: It was found that the Kerberos Key Distribution Center KDC delegation feature, Service for User S4U, did not sufficiently protect the tickets it's providing from tempering. A malicious, authenticated service principal allowed to delegate could use this flaw to impersonate a...

Out-of-bounds

In throttling, there is a possible out of bounds write due to an incorrect calculation of buffer size. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07405923; Issue ID: ALPS07405923...

RHEL 8 : kernel-rt (RHSA-2022:8673)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:8673 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Securi...

AddressSanitizer: heap-buffer-overflow in alloc.c 246:11

Description ================================================================= ==19339==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x606000001015 at pc 0x0000004872d8 bp 0x7ffdef721150 sp 0x7ffdef720910 WRITE of size 2 at 0x606000001015 thread T0 Detaching after fork from child proce...

OSV-2022-1178 Heap-buffer-overflow in bytes_copy_rectangle_zero_padding

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53456 Crash type: Heap-buffer-overflow WRITE 7 Crash state: bytescopyrectanglezeropadding cmdputbits clistchangebits...

Out-of-bounds

In TBD of TBD, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239555411References...

Siemens Parasolid out-of-bounds write vulnerability

Parasolid is a 3D geometric modeling tool that supports multiple techniques, including solid modeling, direct editing, and free-form surface/table modeling.An out-of-bounds write vulnerability exists in Siemens Parasolid, which can be exploited by attackers to execute code in the context of the...

PT-2022-21403 · Gpu Drm · Gpu Drm

Name of the Vulnerable Software and Affected Versions: gpu drm affected versions not specified Description: The issue is related to improper input validation in gpu drm, which could lead to a possible out of bounds write. This may result in local escalation of privilege, requiring System executio...

CVE-2022-3872

CVE-2022-3872 — QEMU SDHCI off-by-one read/write : A vulnerability in the SDHCI device (Buffer Data Port Register) when data_count == block_size, exploitable by a malicious guest to crash the QEMU process on the host, causing denial of service. Affected component: QEMU SDHCI read_dataport/write_d...

SUSE: Security Advisory (SUSE-SU-2022:3841-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2022-6988 · Unknown · Keyinstall

Name of the Vulnerable Software and Affected Versions: keyinstall affected versions not specified Description: The issue is related to a possible out of bounds write in the keyinstall component due to a missing bounds check. This could lead to local escalation of privilege with System execution...