EulerOS 2.0 SP3 : grub2 (EulerOS-SA-2022-2611)

According to the versions of the grub2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area. An attacker may take advantage of that to cause heap dat...

OTFCC Buffer Overflow Vulnerability (CNVD-2023-11782)

OTFCC is a C library and utility open sourced by Caryll. It is used to parse and write OpenType font files.OTFCC 0.10.4 and earlier versions have a buffer overflow vulnerability that originates in /release-x64/otfccdump 0x6b84b1 with a boundary error when processing untrusted input, which can be...

CVE-2022-39127

In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel...

CVE-2022-38671

In camera driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel...

Out-of-bounds

In cpu dvfs, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07139405; Issue ID: ALPS07139405...

GHSA-6W4Q-23CF-J9JP parse-server's session object properties can be updated by foreign user if object ID is known

Impact A foreign user can write to the session object of another user if the session object ID is known. For example, a foreign user can assign the session object to their own user by writing to the user field and then read any custom fields of that session object. Note that assigning a session t...

Updated libtiff packages fix security vulnerability

libtiff's tiffcrop utility has a uint32t underflow that can lead to out of bounds read and write. An attacker who supplies a crafted file to tiffcrop likely via tricking a user to run tiffcrop on it with certain parameters could cause a crash or in some cases, further exploitation. CVE-2022-2867...

CVE-2022-28853

Adobe InDesign versions 16.4.2 and earlier and 17.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

Ubuntu 16.04 ESM : LibTIFF vulnerabilities (USN-5604-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5604-1 advisory. It was discovered that LibTIFF incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service, or possibly...

Out-of-bounds

Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to an out-of-bounds write when parsing Mach-O files. A user opening a malicious Mach-O file could be affected by this vulnerability, allowing an attacker to execute code on the...

CVE-2022-26449

In apusys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07177810; Issue ID: ALPS07177810...

Out-of-bounds

In preloader usb, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID:...

PT-2022-17877 · Audio Ipi · Audio Ipi

Name of the Vulnerable Software and Affected Versions: audio ipi affected versions not specified Description: The issue is related to an incorrect bounds check in audio ipi, which could lead to a possible out of bounds write. This may result in local escalation of privilege, requiring System...

PT-2022-17879 · Rpmb · Rpmb

Name of the Vulnerable Software and Affected Versions: rpmb affected versions not specified Description: The issue is related to a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege, with System execution privileges needed. User...

CVE-2022-32743

Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which could permit unprivileged users to write it...

CVE-2022-32743

Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which could permit unprivileged users to write it...

Out-of-bounds

In LibRaw, there is an out-of-bounds write vulnerability within the "newnode" function libraw\src\x3f\x3futilspatched.cpp that can be triggered via a crafted X3F file...

Security Advisory - Out-of-bounds Read and Write Vulnerability in Some Huawei Headset Products

There is an out-of-bounds read and write vulnerability in some headset products. An unauthenticated attacker gets the device physically and crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be...

CVE-2022-32743

Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which could permit unprivileged users to write it...

Ubuntu: Security Advisory (USN-4163-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...