#buffer_overflow

Drop What You're Doing and Update iOS, Android, and Windows

Plus: Major patches dropped this month for Chrome, Firefox, VMware, Cisco, Citrix, and SAP.

2 years ago

#vulnerability #web #ios #android #mac #windows #apple #google #microsoft #cisco #rce #vmware #buffer_overflow #samsung #auth #zero_day #chrome #firefox #sap #wifi

CVE-2022-45332: heap-buffer-overflow exists in the function decode_preR13_section_hdr in decode_r11.c · Issue #524 · LibreDWG/libredwg

LibreDWG v0.12.4.4643 was discovered to contain a heap buffer overflow via the function decode_preR13_section_hdr at decode_r11.c.

2 years ago

CVE

Open in Source

#ubuntu #c++#buffer_overflow

CVE-2022-4172: hw/acpi/erst.c: Fix memory handling issues (defb7098) · Commits · QEMU / QEMU · GitLab

An integer overflow and buffer overflow issues were found in the ACPI Error Record Serialization Table (ERST) device of QEMU in the read_erst_record() and write_erst_record() functions. Both issues may allow the guest to overrun the host buffer allocated for the ERST memory device. A malicious guest could use these flaws to crash the QEMU process on the host.

2 years ago

CVE

Open in Source

#git #buffer_overflow #auth

CISA Warns of Actively Exploited Critical Oracle Fusion Middleware Vulnerability

2 years ago

The Hacker News

Open in Source

#vulnerability #web #google #js #oracle #intel #buffer_overflow #auth #chrome #The Hacker News

CISA Warns of Actively Exploited Critical Oracle Fusion Middleware Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical flaw impacting Oracle Fusion Middleware to its Known Exploited Vulnerabilities (KEV) Catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2021-35587, carries a CVSS score of 9.8 and impacts Oracle Access Manager (OAM) versions 11.1.2.3.0, 12.2.1.3.0, and 12.2.1.4.0. <!-

2 years ago

The Hacker News

Open in Source

#vulnerability #web #google #js #oracle #intel #buffer_overflow #auth #chrome #The Hacker News

CVE-2022-45202: Stack buffer overflow in function dimC_box_read at isomedia/box_code_3gpp.c:1070 · Issue #2296 · gpac/gpac

GPAC v2.1-DEV-rev428-gcb8ae46c8-master was discovered to contain a stack overflow via the function dimC_box_read at isomedia/box_code_3gpp.c.

2 years ago

CVE

Open in Source

#linux #js #c++#rce #buffer_overflow

Debian Security Advisory 5288-1

Debian Linux Security Advisory 5288-1 - It was discovered that a buffer overflow in GraphicsMagick, a collection of image processing tools, could potentially result in the execution of arbitrary code when processing a malformed MIFF image.

2 years ago

Packet Storm

Open in Source

#linux #debian #js #buffer_overflow

CVE-2022-4135: Chromium: CVE-2022-4135 Heap buffer overflow in GPU

**Why is this Chrome CVE included in the Security Update Guide?** The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information. **How can I see the version of the browser?** 1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window 2. Click on **Help and Feedback** 3. Click on **About Microsoft Edge**

2 years ago

Microsoft Security Response Center

Open in Source

#vulnerability #web #google #microsoft #buffer_overflow #chrome #Microsoft Edge (Chromium-based)#Security Vulnerability

CVE-2022-44283: AVS Audio Converter 10.3 Stack Overflow ≈ Packet Storm

AVS Audio Converter 10.3 is vulnerable to Buffer Overflow.

2 years ago

CVE

Open in Source

#windows #linux #buffer_overflow

Over a Dozen New BMC Firmware Flaws Expose OT and IoT Devices to Remote Attacks

2 years ago