Ubuntu Security Notice 7060-1 - It was discovered that EDK II did not check the buffer length in XHCI, which could lead to a stack overflow. A local attacker could potentially use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Laszlo Ersek discovered that EDK II incorrectly handled recursion. A remote attacker could possibly use this issue to cause EDK II to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.
4da85379bce0bd996f69858bb941555e77ae2c4f4a4eeb00ea9f355b115bb3ed
Red Hat Security Advisory 2024-7875-03 - An update for net-snmp is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include buffer overflow and null pointer vulnerabilities.
bfb4f424d33f632351116317ccc496f237de754375206c1277443c5a6f1922b5
There is an integer overflow in dav1d when decoding an AV1 video with large width/height. The integer overflow may result in an out-of-bounds write.
2e6ee0c003e7075d02a19941dea59ff9838200ead28039478bb67d1a365c5bdc
Red Hat Security Advisory 2024-7599-03 - Red Hat OpenShift Container Platform release 4.16.16 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include code execution, denial of service, integer overflow, and out of bounds write vulnerabilities.
98c24f50e8c2d91007eed7248f45a2aaf03aaf6b8738f9d70f4a7579b1709b17
Debian Linux Security Advisory 5786-1 - Integer overflows flaws were discovered in the Compound Document Binary File format parser of libgsf, the GNOME Project G Structured File Library, which could result in the execution of arbitrary code if a specially crafted file is processed.
98c0d59e2d6c56f5374ef98a8c7336b85fff3f90be2ec312d6bc3af96e794ba8
Ubuntu Security Notice 7053-1 - It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or potentially leak sensitive information. These vulnerabilities included heap and stack-based buffer overflows, memory leaks, and improper handling of uninitialized values.
c46fa2a8f39b4ff10e8c0dddf0bf320de57a6dc38c9be5fef165226cc363c4a8
Ubuntu Security Notice 7048-1 - Suyue Guo discovered that Vim incorrectly handled memory when flushing the typeahead buffer, leading to heap-buffer-overflow. An attacker could possibly use this issue to cause a denial of service.
bcaa966b946ebbac60b29bd722b6caa356f8d815ffea551ffb97ecb1e1d02926
Backdoor.Win32.Prorat.jz malware suffers from a buffer overflow vulnerability.
a1f2f2d06b92875d0d19569387aac4e9a1c23766a1289286cdc961ea4b1b0fd1
Backdoor.Win32.Agent.pw malware suffers from a buffer overflow vulnerability.
7fa82baa98ac10e7877b5d15186d291cc19793db34d1c44febf37e06a22af7aa
Red Hat Security Advisory 2024-7260-03 - An update for net-snmp is now available for Red Hat Enterprise Linux 9. Issues addressed include buffer overflow and null pointer vulnerabilities.
ac3880773d14a3e47238cac9cd3315d02b880598b6b6c1e0027c9a5069ba5a82
Red Hat Security Advisory 2024-6989-03 - An update for expat is now available for Red Hat Enterprise Linux 8. Issues addressed include an integer overflow vulnerability.
b71da4123a14f11878f37cb7e395b7ca59b14bf7f93e218b1a39114604455a67
Red Hat Security Advisory 2024-6931-03 - An update for edk2 is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Issues addressed include a buffer overflow vulnerability.
5e50b684c9e50492a88f318f11a7bc69e2a74d30256e479c13b2e7f891f99dab
Red Hat Security Advisory 2024-6849-03 - An update for edk2 is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Issues addressed include a buffer overflow vulnerability.
290c4a49c27cdc9100578abf03316649beca2bd4a30fe4026c9f97755a149b2e
Red Hat Security Advisory 2024-6845-03 - An update for edk2 is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a buffer overflow vulnerability.
f6b9a43d2cfc020a805cdb353bd99cd6ec52876266a291a127d8e0498d74449c
Red Hat Security Advisory 2024-6754-03 - An update for expat is now available for Red Hat Enterprise Linux 9. Issues addressed include an integer overflow vulnerability.
1e7a9f87c0ace68990f4a08b68cfb38a9ad49602f9763ff5160e2c4df582b068
Ubuntu Security Notice 7019-1 - Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a denial of service.
896effafd923d1de3290843acdecad88190e552d3dbe3db65ed560f5e511dd7a
Apple Security Advisory 09-16-2024-10 - macOS Ventura 13.7 addresses buffer overflow, bypass, out of bounds access, out of bounds read, and spoofing vulnerabilities.
83bec15ab00978bb0f11e5f9e97e565cb578510b79514deba529887e8947a015
Apple Security Advisory 09-16-2024-9 - macOS Sonoma 14.7 addresses buffer overflow, bypass, out of bounds access, out of bounds read, out of bounds write, and spoofing vulnerabilities.
8c7c598c2151ce639d355f21defbebd09be8b2089b0d7ca88eaa2eab7d02cc0a
Apple Security Advisory 09-16-2024-5 - visionOS 2 addresses cross site scripting, integer overflow, out of bounds access, and out of bounds read vulnerabilities.
c33139a06c51eeb99d320b409bf3dff9bf4f6d249df655edcfd84eafd70434a2
Apple Security Advisory 09-16-2024-4 - watchOS 11 addresses cross site scripting, integer overflow, out of bounds access, and out of bounds read vulnerabilities.
cc37085fe262bc1e832562736dee07e94a59cea8867890657c7639a8a8399592
Apple Security Advisory 09-16-2024-3 - tvOS 18 addresses cross site scripting, integer overflow, out of bounds access, and out of bounds read vulnerabilities.
c843d6fa186a698c1ffac01558f67ac6e0b1a38e1a1b300aaa7215b653a61d6f
Apple Security Advisory 09-16-2024-2 - macOS Sequoia 15 addresses buffer overflow, bypass, cross site scripting, integer overflow, out of bounds access, out of bounds read, out of bounds write, and spoofing vulnerabilities.
11e0895c93cecb300d8a33d6e28f17812bc77aab5debcbcbe16f0a04cf9334cb
Apple Security Advisory 09-16-2024-1 - iOS 18 and iPadOS 18 addresses bypass, cross site scripting, integer overflow, out of bounds access, and out of bounds read vulnerabilities.
fa8e9aa24c477ac62dac02f1d7ffb2d3727adf70a3fa512f104f0036e314d08e
This Metasploit module exploits a stack-based buffer overflow vulnerability in MPlayer Lite r33064, caused by improper bounds checking of an URL entry. By persuading the victim to open a specially-crafted .M3U file, specifically by drag-and-dropping it to the player, a remote attacker can execute arbitrary code on the system.
61c9fed931a83bc7851c93ab4e149ec607c061edc841c01aaf722c287b7d3742
Ubuntu Security Notice 7001-1 - Shang-Hung Wan discovered that Expat, contained within the xmltok library, did not properly handle certain function calls when a negative input length was provided. An attacker could use this issue to cause a denial of service or possibly execute arbitrary code. Shang-Hung Wan discovered that Expat, contained within the xmltok library, did properly handle the potential for an integer overflow on 32-bit platforms. An attacker could use this issue to cause a denial of service or possibly execute arbitrary code.
dd777efeaab59422d2fe51b3d1cc0f03bc68451f5c70dd442a7b4f075550b945