#buffer_overflow

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: low attack complexity Vendor: Rockwell Automation Equipment: Arena Simulation Software Vulnerabilities: Out-of-bounds Write, Heap-based Buffer Overflow, Improper Restriction of Operations within the Bounds of a Memory Buffer, Use After Free, Access of Uninitialized Pointer, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities could crash the application or allow an attacker to run harmful code on the system. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Rockwell Automation reports that the following versions of Arena Simulation Software are affected: Arena Simulation Software: version 16.00 3.2 Vulnerability Overview 3.2.1 Out-of-bounds Write CWE-787 An arbitrary code execution vulnerability could let a malicious user insert unauthorized code into the software. This is done by writing beyond the designated memory area, which causes an access violation. Once inside, the threat actor can run harmful code...

In the case of pig butchering scams, it’s not really anything that can be solved by a cybersecurity solution or sold in a package.

By Deeba Ahmed Pwn2Own is back! This is a post from HackRead.com Read the original post: Pwn2Own 2024 Awards $700k as Hackers Pwn Tesla, Browsers, and More

There is also a newly disclosed vulnerability in a graphics driver for some NVIDIA GPUs that could lead to a memory leak.

Red Hat Security Advisory 2024-1417-03 - An update for libX11 is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a buffer overflow vulnerability.

Red Hat Security Advisory 2024-1412-03 - An update for gmp is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include buffer overflow and integer overflow vulnerabilities.

Red Hat Security Advisory 2024-1409-03 - An update for cups is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include buffer overflow, denial of service, and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-1317-03 - Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 3 is now available. Issues addressed include buffer overflow, cross site scripting, information leakage, out of bounds read, and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-1327-03 - An update for the gimp:2.8 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include a buffer overflow vulnerability.

Apple Security Advisory 03-07-2024-7 - visionOS 1.1 addresses buffer overflow, bypass, code execution, and out of bounds read vulnerabilities.