Security
Headlines
HeadlinesLatestCVEs

Tag

#buffer_overflow

CVE-2023-23495: About the security content of macOS Sonoma 14

A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data.

CVE
Open in Source
#web#ios#mac#windows#apple#google#cisco#dos#js#git#buffer_overflow#auth#webkit#ssl
Pegasus spyware and how it exploited a WebP vulnerability

Categories: Android Categories: Apple Categories: Exploits and vulnerabilities Tags: Pegasus Tags: spyware Tags: nso Tags: webp Tags: libwebp Tags: buffer overflow The company behind the infamous Pegasus spyware used a vulnerability in almost every browser to plant their malware on victim's devices. (Read more...) The post Pegasus spyware and how it exploited a WebP vulnerability appeared first on Malwarebytes Labs.

CVE-2023-4259: Potential buffer overflow vulnerabilities in the Zephyr eS-WiFi driver

Two potential buffer overflow vulnerabilities at the following locations in the Zephyr eS-WiFi driver source code.

CVE-2023-32614: TALOS-2023-1749 || Cisco Talos Intelligence Group

A heap-based buffer overflow vulnerability exists in the create_png_object functionality of Accusoft ImageGear 20.1. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability.

CVE-2023-35002: TALOS-2023-1760 || Cisco Talos Intelligence Group

A heap-based buffer overflow vulnerability exists in the pictwread functionality of Accusoft ImageGear 20.1. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.

CVE-2023-40163: TALOS-2023-1836 || Cisco Talos Intelligence Group

An out-of-bounds write vulnerability exists in the allocate_buffer_for_jpeg_decoding functionality of Accusoft ImageGear 20.1. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability.

CVE-2023-28393: TALOS-2023-1742 || Cisco Talos Intelligence Group

A stack-based buffer overflow vulnerability exists in the tif_processing_dng_channel_count functionality of Accusoft ImageGear 20.1. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability.

CVE-2023-32284: TALOS-2023-1750 || Cisco Talos Intelligence Group

An out-of-bounds write vulnerability exists in the tiff_planar_adobe functionality of Accusoft ImageGear 20.1. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability.

CVE-2023-23567: TALOS-2023-1729 || Cisco Talos Intelligence Group

A heap-based buffer overflow vulnerability exists in the CreateDIBfromPict functionality of Accusoft ImageGear 20.1. A specially crafted file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.

CVE-2023-43131: OffSec’s Exploit Database Archive

General Device Manager 2.5.2.2 is vulnerable to Buffer Overflow.