Security
Headlines
HeadlinesLatestCVEs

Tag

#buffer_overflow

Red Hat Security Advisory 2022-5002-01

Red Hat Security Advisory 2022-5002-01 - The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include buffer overflow, integer overflow, and memory leak vulnerabilities.

Packet Storm
#vulnerability#ios#mac#linux#red_hat#git#java#perl#bios#buffer_overflow#ssh#ruby
Kitty 0.76.0.8 Stack Buffer Overflow

Kitty version 0.76.0.8 suffers from a buffer overflow vulnerability.

Infiray IRAY-A8Z3 1.0.957 Code Execution / Overflow / Hardcoded Credentials

Infiray IRAY-A8Z3 thermal camera version 1.0.957 suffers from hardcoded web credential, authenticated remote code execution, buffer overflow, lack of password for root, and outdated software component vulnerabilities.

Zyxel Buffer Overflow / Format String / Command Injection

Zyxel firewalls, AP controllers, and APs suffer from buffer overflow, format string, and command injection vulnerabilities.

CVE-2022-2125

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.

CVE-2021-46822: libjpeg-turbo rdppm.c denial of service Vulnerability Report

The PPM reader in libjpeg-turbo through 2.0.90 mishandles use of tjLoadImage for loading a 16-bit binary PPM file into a grayscale buffer and loading a 16-bit binary PGM file into an RGB buffer. This is related to a heap-based buffer overflow in the get_word_rgb_row function in rdppm.c.

CVE-2022-29496: TALOS-2022-1524 || Cisco Talos Intelligence Group

A stack-based buffer overflow vulnerability exists in the BlynkConsole.h runCommand functionality of Blynk -Library v1.0.1. A specially-crafted network request can lead to command execution. An attacker can send a network request to trigger this vulnerability.

CVE-2022-33756: Support Content Notification - Support Portal - Broadcom support portal

CA Automic Automation 12.2 and 12.3 contain an entropy weakness vulnerability in the Automic AutomationEngine that could allow a remote attacker to potentially access sensitive data.

CVE-2022-30650: Adobe Security Bulletin

Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2022-30658: Adobe Security Bulletin

Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.