Ubuntu Security Notice 5988-1 - It was discovered that integer overflow vulnerabilities existed in Xcftools. An attacker could use this to cause a denial of service or possibly execute arbitrary code.
bde642c6657d07ea328d86508275a3383ebe1962bfbef9e018aa344510b008e4
Inbit Messenger versions 4.6.0 through 4.9.0 suffer from a remote unauthenticated SEH overflow.
dfeb0e7e930839fa500dc94fd1b8171d35a2ab558f476c541267b91596e8d3eb
Apple Security Advisory 2023-03-27-7 - watchOS 9.4 addresses bypass, code execution, integer overflow, out of bounds read, and use-after-free vulnerabilities.
b6879bb072dc3bcaf057025d49c0a283fb7726fa16d8a7f521acfcb3b1d18dd1
Apple Security Advisory 2023-03-27-6 - tvOS 16.4 addresses bypass, code execution, integer overflow, out of bounds read, and use-after-free vulnerabilities.
e42f83fe6b5a103a0898eab7c9362686f11ad4ddf7d70f2e5929f0e69061f91c
Apple Security Advisory 2023-03-27-5 - macOS Big Sur 11.7.5 addresses bypass, code execution, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
d3cdaa1e0b2cb20a97257137b5dcffd5cb406a1e65cc4b68176609f11f239ba7
Apple Security Advisory 2023-03-27-4 - macOS Monterey 12.6.4 addresses bypass, code execution, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
739ebbc2aa08de0dd5a0e2a5bb4889f44cdd6fdabb272260bc18eca98e3250b8
Apple Security Advisory 2023-03-27-3 - macOS Ventura 13.3 addresses buffer overflow, bypass, code execution, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
cb75f6c37534e8f4215e6f7a345a9fb3a56b1318a90f16c63dcb93ae4ed9d148
Ubuntu Security Notice 5974-1 - It was discovered that GraphicsMagick was not properly performing bounds checks when processing TGA image files, which could lead to a heap buffer overflow. If a user or automated system were tricked into processing a specially crafted TGA image file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. It was discovered that GraphicsMagick was not properly validating bits per pixel data when processing DIB image files. If a user or automated system were tricked into processing a specially crafted DIB image file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
7ea27cb3a38cff5a0c8bad949c6dd1e461ab1eb50381661f2ce89696c5df6f0c
Apple Security Advisory 2023-03-27-1 - iOS 16.4 and iPadOS 16.4 address buffer overflow, bypass, code execution, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
7cf02a5429f677335b3e85e292f307419d32759e73ffd0964b3e10037f9e4867
Explorer32++ version 1.3.5.531 suffers from a buffer overflow vulnerability.
f80b4a69256c38987b58c51bee5f679412107e689665abba0114e994ae24cb15
Frhed version 1.6.0 suffers from a buffer overflow vulnerability.
959dde62637448d83679582cb44257ab5507ba4fbdb345f1bda8f8a902e1f27c
Resource Hacker version 3.6.0.92 suffers from a buffer overflow vulnerability.
2e9e7023f2e6aa04cb6e80ed7b36edd27607bd73413af2fdd7b092c6f06c8af4
Scdbg version 1.0 suffers from a buffer overflow vulnerability that can cause a denial of service condition.
64a8c65f248d645e55c041b0566b60a6dcdb8bcf99a591a68e3ce6cce400fcd7
Ubuntu Security Notice 5969-1 - It was discovered that gif2apng contained multiple heap-based overflows. An attacker could potentially exploit this to cause a denial of service.
9ebdf0adcb1893f80067f41ecfc474e2390e5d4d1bf486d663f8686f57f9d8ab
Red Hat Security Advisory 2023-1435-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include denial of service, integer overflow, and use-after-free vulnerabilities.
dd436a1459e614650dfaf83560c5bf171a6898681df03faaaeab250951d66011
This Metasploit module exploits a buffer overflow in the zhttpd binary (/bin/zhttpd). It is present on more than 40 Zyxel routers and CPE devices. The code execution vulnerability can only be exploited by an attacker if the zhttp webserver is reachable. No authentication is required. After exploitation, an attacker will be able to execute any command as root, including downloading and executing a binary from another host.
fc9419af3871336277cafde42125966d876812e4e57c8b48da3a83050219381f
There is an intra-object overflow in Shannon Baseband, inside the 5G SM protocol implementation (NrSmMsgCodec as it is called in Shannon according to debug strings), when decoding the Extended protocol configuration options message (IEI = 0x7B).
fbcb90e472d2e3ece0a5999daefccbac91cb16b93b5bdde7163bb7f5b46c8021
There is an intra-object overflow in Shannon Baseband, inside the 5G MM protocol implementation (NrmmMsgCodec as it is called in Shannon according to debug strings), specifically when handling the Service Area List message (IEI = 0x27).
ca27ff3f40a5cef1422ff326c82c6ac37d4d2a24ac33342144bc8a5c84aa2848
There is a heap buffer overflow in Shannon Baseband, inside the 5G MM protocol implementation (NrmmMsgCodec as it is called in Shannon according to debug strings), specifically when handling the Operator-defined access category definitions message (IEI = 0x76).
0d9b32ed9b931576486f7e7630f9b8e393f008ff2bccc77a8e30f84a45f1e0f0
There is a heap buffer overflow in Shannon baseband, inside the 5G MM protocol implementation (NrmmMsgCodec as it is called in Shannon according to debug strings), specifically when handling the "Extended emergency number list" message (IEI = 0x7A).
ba04bb179ad4db118c637bfe6c329d2d3ebef7e310034bd5a8af11fa0123adc3
There is a heap buffer overflow in Shannon baseband, inside the 5G MM protocol implementation (NrmmMsgCodec as it is called in Shannon according to debug strings), specifically when handling the "Emergency number list" message (IEI = 0x34).
ff7c534a4bbc11dc3cd3ac7fb2571e8b2fc9cddf789fa05fff2fc30be17f2aca
Red Hat Security Advisory 2023-1199-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Issues addressed include buffer overflow, double free, and use-after-free vulnerabilities.
4e40b595047797d81adf804c2f45bc97a61c115d639ef1d1e21d8aa98767fd4b
Red Hat Security Advisory 2023-1202-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service, integer overflow, and use-after-free vulnerabilities.
81d3d8b27a6fa2c0db23de409ae6c3197b8bebc077e6199e84504e85d6fae24f
Red Hat Security Advisory 2023-1203-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include denial of service, integer overflow, and use-after-free vulnerabilities.
a3d141685ff20e1c646ed2d89ddee00216895375b045979acf44b06ec5599787
Ubuntu Security Notice 5949-1 - It was discovered that Chromium could be made to write out of bounds in several components. A remote attacker could possibly use this issue to corrupt memory via a crafted HTML page, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that Chromium contained an integer overflow in the PDF component. A remote attacker could possibly use this issue to corrupt memory via a crafted PDF file, resulting in a denial of service, or possibly execute arbitrary code.
3df9bbcf1785396ee227923d5d9a83d0d2678e4aa22fb5ff6aeac64d77cfc01a