#buffer_overflow

Red Hat Security Advisory 2024-8119-03 - An update is now available for OpenJDK. Issues addressed include buffer overflow and integer overflow vulnerabilities.

Red Hat Security Advisory 2024-8118-03 - An update is now available for OpenJDK. Issues addressed include buffer overflow and integer overflow vulnerabilities.

Red Hat Security Advisory 2024-8117-03 - An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8.8 Extended Update Support, Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.6 Telecommunications Update Service, Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions, Red Hat Enterprise Linux 9.2 Extended Update Support, and Red Hat Enterprise Linux 9. Issues addressed include buffer overflow and integer overflow vulnerabilities.

Red Hat Security Advisory 2024-8120-03 - An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Issues addressed include buffer overflow and integer overflow vulnerabilities.

Ubuntu Security Notice 7068-1 - It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into processing a specially crafted file, an attacker could exploit this to cause a denial of service or affect the reliability of the system. The vulnerabilities included memory leaks, buffer overflows, and improper handling of pixel data.

WatchGuard XTM Firebox version 12.5.x suffers from a buffer overflow vulnerability.

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.3 ATTENTION: Exploitable from an adjacent network Vendor: Siemens Equipment: Siveillance Video Camera Vulnerability: Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute commands. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Siemens Siveillance Video Camera are affected: Siveillance Video Camera: All versions prior to V13.2 3.2 Vulnerability Overview 3.2.1 BUFFER COPY WITHOUT CHECKING SIZE OF INPUT ('CLASSIC BUFFER OVERFLOW') CWE-120 A possible buffer overflow in selected cameras' drivers from XProtect Device Pack can allow an attacker with ac...

Artica Proxy version 4.40 suffers from a code injection vulnerability that provides a reverse shell.

Ubuntu Security Notice 7060-1 - It was discovered that EDK II did not check the buffer length in XHCI, which could lead to a stack overflow. A local attacker could potentially use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Laszlo Ersek discovered that EDK II incorrectly handled recursion. A remote attacker could possibly use this issue to cause EDK II to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.

Red Hat Security Advisory 2024-7875-03 - An update for net-snmp is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include buffer overflow and null pointer vulnerabilities.