Security
Headlines
HeadlinesLatestCVEs

Tag

#buffer_overflow

CVE-2023-4259: Potential buffer overflow vulnerabilities in the Zephyr eS-WiFi driver

Two potential buffer overflow vulnerabilities at the following locations in the Zephyr eS-WiFi driver source code.

CVE
Open in Source
#vulnerability#dos#git#buffer_overflow#wifi
CVE-2023-32614: TALOS-2023-1749 || Cisco Talos Intelligence Group

A heap-based buffer overflow vulnerability exists in the create_png_object functionality of Accusoft ImageGear 20.1. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability.

CVE-2023-35002: TALOS-2023-1760 || Cisco Talos Intelligence Group

A heap-based buffer overflow vulnerability exists in the pictwread functionality of Accusoft ImageGear 20.1. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.

CVE-2023-40163: TALOS-2023-1836 || Cisco Talos Intelligence Group

An out-of-bounds write vulnerability exists in the allocate_buffer_for_jpeg_decoding functionality of Accusoft ImageGear 20.1. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability.

CVE-2023-28393: TALOS-2023-1742 || Cisco Talos Intelligence Group

A stack-based buffer overflow vulnerability exists in the tif_processing_dng_channel_count functionality of Accusoft ImageGear 20.1. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability.

CVE-2023-32284: TALOS-2023-1750 || Cisco Talos Intelligence Group

An out-of-bounds write vulnerability exists in the tiff_planar_adobe functionality of Accusoft ImageGear 20.1. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability.

CVE-2023-23567: TALOS-2023-1729 || Cisco Talos Intelligence Group

A heap-based buffer overflow vulnerability exists in the CreateDIBfromPict functionality of Accusoft ImageGear 20.1. A specially crafted file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.

CVE-2023-43131: OffSec’s Exploit Database Archive

General Device Manager 2.5.2.2 is vulnerable to Buffer Overflow.

Apple Rushes to Patch 3 New Zero-Day Flaws: iOS, macOS, Safari, and More Vulnerable

Apple has released yet another round of security patches to address three actively exploited zero-day flaws impacting iOS, iPadOS, macOS, watchOS, and Safari, taking the total tally of zero-day bugs discovered in its software this year to 16. The list of security vulnerabilities is as follows - CVE-2023-41991 - A certificate validation issue in the Security framework that could allow a

CVE-2023-4504: CUPS Heap-based buffer overflow

Due to failure in validating the length provided by an attacker-crafted PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023.