Security
Headlines
HeadlinesLatestCVEs

Tag

#buffer_overflow

CVE-2023-36377: Comparing 2.2...2.3 · mtrojnar/osslsigncode

Buffer Overflow vulnerability in mtrojnar osslsigncode v.2.3 and before allows a local attacker to execute arbitrary code via a crafted .exe, .sys, and .dll files.

CVE
Open in Source
#vulnerability#git#buffer_overflow#ssl
Researchers Develop Exploit Code for Critical Fortinet VPN Bug

Some 340,000 FortiGate SSL VPN appliances remain exposed to the threat more than three weeks after Fortinet released firmware updates to address the issue.

CVE-2023-35176: Certain HP LaserJet Pro Print Products – Potential Buffer Overflow and/or Denial of Service

Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Denial of Service when using the backup & restore feature through the embedded web service on the device.

CVE-2023-35177: Certain HP LaserJet Pro Print Products - Potential Buffer Overflow

Certain HP LaserJet Pro print products are potentially vulnerable to a stack-based buffer overflow related to the compact font format parser.

CVE-2023-35178: Certain HP LaserJet Pro Print Products - Potential Buffer Overflow

Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow when performing a GET request to scan jobs.

Researchers Detail 4 SAP Bugs, Including Flaw in ABAP Kernel

Patches are available for three bugs, but with technical details and PoCs now available, threat actors can craft targeted attacks.

CVE-2023-26966: SEGV at /libtiff/tif_luv.c:961 in uv_encode() (#530) · Issues · libtiff / libtiff · GitLab

libtiff 4.5.0 is vulnerable to Buffer Overflow in uv_encode() when libtiff reads a corrupted little-endian TIFF file and specifies the output to be big-endian.

CVE-2023-25433: heap-buffer-overflow in processCropSelections() at /libtiff/tools/tiffcrop.c:8499 (SIGSEGV) (#520) · Issues · libtiff / libtiff · GitLab

libtiff 4.5.0 is vulnerable to Buffer Overflow via /libtiff/tools/tiffcrop.c:8499. Incorrect updating of buffer size after rotateImage() in tiffcrop cause heap-buffer-overflow and SEGV.

CVE-2023-30259: Security: Out-of-bounds read in importshp plugin, due to mismatched sizes in DBF file header · Issue #1481 · LibreCAD/LibreCAD

A Buffer Overflow vulnerability in importshp plugin in LibreCAD 2.2.0 allows attackers to obtain sensitive information via a crafted DBF file.

RHSA-2023:3827: Red Hat Security Advisory: libtiff security update

An update for libtiff is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-48281: A vulnerability was found in libtiff. This vulnerability occurs due to an issue in processCropSelections in the tools/tiffcrop.c function in LibTIFF that has a heap-based buffer overflow (for example, "WRITE of size 307203") via a crafted TIFF image.