| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally. |
| Buffer over-read in Microsoft Office Word allows an unauthorized attacker to disclose information locally. |
| Improper access control in AMD Secure Encrypted Virtualization (SEV) firmware could allow a malicious hypervisor to bypass RMP protections, potentially resulting in a loss of SEV-SNP guest memory integrity. |
| Improper handling of overlap between the segmented reverse map table (RMP) and system management mode (SMM) memory could allow a privileged attacker corrupt or partially infer SMM memory resulting in loss of integrity or confidentiality. |
| Transient DOS when processing a received frame with an excessively large authentication information element. |
| Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet from the network. |
| Windows Remote Access Connection Manager Elevation of Privilege Vulnerability |
| Windows Remote Access Connection Manager Information Disclosure Vulnerability |
| Windows Remote Desktop Licensing Service Denial of Service Vulnerability |
| Information disclosure when UE receives the RTP packet from the network, while decoding and reassembling the fragments from RTP packet. |
| Transient DOS may occur while processing malformed length field in SSID IEs. |
| A buffer over-read in the PublicKey::verify() method of Binance - Trust Wallet Core before commit 5668c67 allows attackers to cause a Denial of Service (DoS) via a crafted input. |
| Transient DOS while parsing video packets received from the video firmware. |
| Information disclosure while processing a firmware event. |
| Transient DOS while parsing a WLAN management frame with a Vendor Specific Information Element. |
| A Buffer Over-read vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).
When an affected device receives a BGP update with a set of specific optional transitive attributes over an established peering session, rpd will crash and restart when attempting to advertise the received information to another peer.
This issue can only happen if one or both of the BGP peers of the receiving session are non-4-byte-AS capable as determined from the advertised capabilities during BGP session establishment. Junos OS and Junos OS Evolved default behavior is 4-byte-AS capable unless this has been specifically disabled by configuring:
[ protocols bgp ... disable-4byte-as ]
Established BGP sessions can be checked by executing:
show bgp neighbor <IP address> | match "4 byte AS"
This issue affects:
Junos OS:
* all versions before 22.4R3-S8,
* 23.2 versions before 23.2R2-S5,
* 23.4 versions before 23.4R2-S6,
* 24.2 versions before 24.2R2-S2,
* 24.4 versions before 24.4R2;
Junos OS Evolved:
* all versions before 22.4R3-S8-EVO,
* 23.2 versions before 23.2R2-S5-EVO,
* 23.4 versions before 23.4R2-S6-EVO,
* 24.2 versions before 24.2R2-S2-EVO,
* 24.4 versions before 24.4R2-EVO. |
| A weakness has been identified in QuickJS up to eb2c89087def1829ed99630cb14b549d7a98408c. This affects the function js_array_buffer_slice of the file quickjs.c. This manipulation causes buffer over-read. The attack is restricted to local execution. The exploit has been made available to the public and could be exploited. This product adopts a rolling release strategy to maintain continuous delivery Patch name: c6fe5a98fd3ef3b7064e6e0145dfebfe12449fea. To fix this issue, it is recommended to deploy a patch. |
| Buffer Over-read vulnerability in Mitsubishi Electric MC Works64 versions 4.00A to 4.04E, Mitsubishi Electric GENESIS64 versions 10.97 and prior, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97 and prior, Mitsubishi Electric ICONICS Suite versions 10.97 and prior, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97 and prior, Mitsubishi Electric GENESIS32 versions 9.7 and prior, and Mitsubishi Electric Iconics Digital Solutions GENESIS32 versions 9.7 and prior allows an attacker to cause a DoS condition in the database server by getting a legitimate user to import a configuration file containing specially crafted stored procedures into GENESIS64, ICONICS Suite, MC Works64, or GENESIS32 and execute commands against the database from GENESIS64, ICONICS Suite, MC Works64, or GENESIS32. |
| pcap_ether_aton() is an auxiliary function in libpcap, it takes a string argument and returns a fixed-size allocated buffer. The string argument must be a well-formed MAC-48 address in one of the supported formats, but this requirement has been poorly documented. If an application calls the function with an argument that deviates from the expected format, the function can read data beyond the end of the provided string and write data beyond the end of the allocated buffer. |
| A vulnerability was discovered in Awesome Miner thru 11.2.4 that allows arbitrary read and write to kernel memory and MSRs (such as LSTAR) as an unprivileged user. This is due to the implementation of an insecure version of WinRing0 (1.2.0.5, renamed to IntelliBreeze.Maintenance.Service.sys) that lacks a properly secured DACL, allowing unprivileged users to interact with the driver and, as a result, the kernel. This can result in local privilege escalation, information disclosure, denial of service, and other unspecified impacts. |
