#buffer_overflow

LIEF commit 5d1d643 was discovered to contain a heap-buffer overflow in the component /core/CorePrPsInfo.tcc.

LIEF commit 365a16a was discovered to contain a heap-buffer overflow via the function print_binary at /c/macho_reader.c.

Red Hat Security Advisory 2022-6443-01 - MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Issues addressed include buffer overflow and use-after-free vulnerabilities.

Apple Security Advisory 2022-09-12-5 - Safari 16 addresses buffer overflow, code execution, out of bounds read, and spoofing vulnerabilities.

Categories: Exploits and vulnerabilities Categories: News Tags: Google Tags: Pixel Tags: critical Tags: CVE-2022-20364 Tags: CVE-2022-20231 Tags: Trusty Tags: Kernel Google’s Pixel Update Bulletin for September included two security patches that are Pixel specific. (Read more...) The post Update now! Google patches vulnerabilities for Pixel mobile phones appeared first on Malwarebytes Labs.

An update for the mariadb:10.3 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-46659: mariadb: Crash executing query with VIEW, aggregate and subquery * CVE-2021-46661: mariadb: MariaDB allows an application crash in find_field_in_tables and find_order_in_list via an unused common table expression (CTE) * CVE-2021-46663: mariadb: MariaDB through 10.5.13 allows a ha_maria::extra application crash via certain SELECT ...

Dell BIOS versions contain a Stack-based Buffer Overflow vulnerability. A local authenticated malicious user could potentially exploit this vulnerability by sending excess data to a function in order to gain arbitrary code execution on the system.

A number of firmware security flaws uncovered in HP's business-oriented high-end notebooks continue to be left unpatched in some devices even months after public disclosure. Binarly, which first revealed details of the issues at the Black Hat USA conference in mid-August 2022, said the vulnerabilities "can't be detected by firmware integrity monitoring systems due to limitations of the Trusted

cfg_tilde_expand in confuse.c in libConfuse 3.3 has a heap-based buffer over-read.

A buffer overflow vulnerability was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way it handled the I2C_SMBUS_BLOCK_PROC_CALL case (via the ioctl I2C_SMBUS) with malicious input data. This flaw could allow a local user to crash the system.