Security
Headlines
HeadlinesLatestCVEs

Tag

#buffer_overflow

CVE-2023-21118: Android Security Bulletin—May 2023

In unflattenString8 of Sensor.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-269014004

CVE
Open in Source
#vulnerability#android#google#dos#rce#nokia#buffer_overflow#samsung#huawei
Windows 11 is showing its first signs of Rust

Categories: News Tags: Windows 11 Tags: OS Tags: operating system Tags: programming language Tags: rust Tags: C Tags: C++ Tags: kernel Tags: buffer overflow We take a look at the slow introduction of programming language Rust into the Windows 11 kernel in an effort to make it more memory safe. (Read more...) The post Windows 11 is showing its first signs of Rust appeared first on Malwarebytes Labs.

Advantech EKI-15XX Series Command Injection / Buffer Overflow

Advantech EKI-1524-CE series, EKI-1522 series, and EKI-1521 series suffer from command injection and buffer overflow vulnerabilities.

Netgear Routers' Flaws Expose Users to Malware, Remote Attacks, and Surveillance

As many as five security flaws have been disclosed in Netgear RAX30 routers that could be chained to bypass authentication and achieve remote code execution. "Successful exploits could allow attackers to monitor users' internet activity, hijack internet connections, and redirect traffic to malicious websites or inject malware into network traffic," Claroty security researcher Uri Katz said in a

CVE-2023-2676

A vulnerability, which was classified as critical, has been found in H3C R160 V1004004. Affected by this issue is some unknown functionality of the file /goForm/aspForm. The manipulation of the argument go leads to stack-based buffer overflow. The exploit has been disclosed to the public and may be used. VDB-228890 is the identifier assigned to this vulnerability.

CVE-2023-29286: Adobe Security Bulletin

Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Shannon Baseband SIP Retry-After Header Heap Buffer Overflow

There is a heap buffer overflow in Shannon Baseband when processing the Retry-After header in the SIP protocol decoder (IMSPL_SipRetryAfter.c according to the debug strings in the firmware image).

Shannon Baseband SIP Min-SE Header Stack Buffer Overflow

There is a stack buffer overflow in Shannon Baseband when processing the Min-SE header in the SIP protocol decoder (IMSPL_SipMinSE.c according to the debug strings in the firmware image).

Shannon Baseband SIP Session-Expires Header Stack Buffer Overflow

There is a stack buffer overflow in Shannon Baseband when processing the Session-Expires header in the SIP protocol decoder (IMSPL_SipDecode.c according to the debug strings in the firmware image).

Shannon Baseband SIP Status Line Stack Buffer Overflow

There is a stack buffer overflow in Shannon Baseband when processing the status line of a SIP message (this happens in IMSPL_SipStatusLine.c according to the debug strings in the firmware image).