![]() ![]() Heap buffer overflow in PDF in Google Chrome prior to 1.70 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted PDF file. It could allow a remote, authenticated attacker to exploit this vulnerability to cause a denial of service. Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0.Ī heap-based Buffer Overflow flaw was discovered in Samba. ![]() Integer overflow in USB in Google Chrome prior to 1.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Such overflows may lead to data corruption or the execution of arbitrary code at the privilege level of the calling program. Depending on the nature of an application that calls libc's stdio functions and the presence of errors returned from the write(2) system call (or an overridden stdio write routine) a heap buffer overflow may occur. In versions of FreeBSD 12.4-RELEASE prior to 12.4-RELEASE-p7 and FreeBSD 13.2-RELEASE prior to 13.2-RELEASE-p5 the _sflush() stdio function in libc does not correctly update FILE objects' write space members for write-buffered streams when the write(2) system call returns an error. This flaw allows a remote attacker to send a crafted TCP packet, triggering a heap-based buffer overflow that results in kmalloc data to be printed (and potentially leaked) to the kernel ring buffer (dmesg). An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |