Security
Headlines
HeadlinesLatestCVEs

Tag

#buffer_overflow

Critical Vulnerabilities Exposed Nuki Smart Locks to a Plethora of Attack Options

By Deeba Ahmed Researchers have identified as many as eleven critical vulnerabilities in different versions of Nuki Smart Locks. The IT… This is a post from HackRead.com Read the original post: Critical Vulnerabilities Exposed Nuki Smart Locks to a Plethora of Attack Options

HackRead
Open in Source
#vulnerability#web#dos#js#git#buffer_overflow#auth#wifi#ssl
CVE-2021-33448: AddressSanitizer: stack-buffer-overflow in <unknown module> · Issue #170 · cesanta/mjs

An issue was discovered in mjs(mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is stack buffer overflow at 0x7fffe9049390.

CVE-2021-33438: Minimum information for the vulnerability covered by 32 CVEs.

An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is stack buffer overflow in json_parse_array() in mjs.c.

Hackers Increasingly Using WebAssembly Coded Cryptominers to Evade Detection

As many as 207 websites have been infected with malicious code designed to launch a cryptocurrency miner by leveraging WebAssembly (Wasm) on the browser. Web security company Sucuri, which published details of the campaign, said it launched an investigation after one of its clients had their computer slowed down significantly every time upon navigating to their own WordPress portal. This

Patlite 1.46 Buffer Overflow

Patlite versions 1.45 and below suffer from a buffer overflow vulnerability.

CVE-2021-46829: Release GdkPixbuf 2.42.8 (stable) (bca00032) · Commits · GNOME / gdk-pixbuf · GitLab

GNOME GdkPixbuf (aka GDK-PixBuf) before 2.42.8 allows a heap-based buffer overflow when compositing or clearing frames in GIF files, as demonstrated by io-gif-animation.c composite_frame. This overflow is controllable and could be abused for code execution, especially on 32-bit systems.

Microsoft Patch Tuesday July 2022: propaganda report, CSRSS EoP, RPC RCE, Edge, Azure Site Recovery

Hello everyone! Microsoft has been acting weird lately. I mean the recent publication of a propaganda report about evil Russians and how Microsoft is involved in the conflict between countries. It wouldn’t be unusual for a US government agency, NSA or CIA to publish such a report. But when a global IT vendor, which, in […]

CVE-2022-1143: Stable Channel Update for Desktop

Heap buffer overflow in WebUI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific input into DevTools.

CVE-2022-1142

Heap buffer overflow in WebUI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific input into DevTools.