Page 50 of 4107 results (0.035 seconds)

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

EDK2 is susceptible to a vulnerability in the Tcg2MeasurePeImage() function, allowing a user to trigger a heap buffer overflow via a local network. ... A heap-based buffer overflow flaw was found via the Tcg2MeasurePeImage() function in EDK2. Successful exploitation requires a local attacker to trigger an integer overflow in the calculation of the EventSize variable at DxeTpm2MeasureBootLib.c, leading to the heap-buffer overflow, presenting a moderate risk to confidentiality and integrity. • https://github.com/tianocore/edk2/security/advisories/GHSA-4hcq-p8q8-hj8j https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ https://access.redhat.com/security/cve/CVE-2022-36764 https://bugzilla.redhat.com/show_bug.cgi?id=2257583 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow CWE-680: Integer Overflow to Buffer Overflow

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

EDK2 is susceptible to a vulnerability in the Tcg2MeasureGptTable() function, allowing a user to trigger a heap buffer overflow via a local network. ... A heap buffer overflow flaw was found via the Tcg2MeasureGptTable() function in EDK2, arising from inadequate validation of the GPT Primary Header, presenting a minor risk to confidentiality and integrity. ... This issue may allow a local attacker to craft a GPT table, causing an integer overflow and consequent buffer overflow. • https://github.com/tianocore/edk2/security/advisories/GHSA-xvv8-66cq-prwr https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ https://access.redhat.com/security/cve/CVE-2022-36763 https://bugzilla.redhat.com/show_bug.cgi?id=2257582 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow CWE-680: Integer Overflow to Buffer Overflow

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

When clients using this library receive a crafted binary type data, an integer overflow or wraparound or memory safety issue can occur and may cause remote code execution. • https://github.com/Azure/azure-uamqp-c/commit/12ddb3a31a5a97f55b06fa5d74c59a1d84ad78fe https://github.com/Azure/azure-uamqp-c/security/advisories/GHSA-j29m-p99g-7hpv • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-190: Integer Overflow or Wraparound

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

An integer overflow vulnerability in Exif.cpp::jpeg_read_exif_dir in FreeImage 3.18.0 allows attackers to obtain information and cause a denial of service. • https://github.com/thelastede/FreeImage-cve-poc/tree/master/CVE-2023-47996 • CWE-190: Integer Overflow or Wraparound

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1

An integer overflow vulnerability in LoadPixelDataRLE4 function in PluginBMP.cpp in Freeimage 3.18.0 allows attackers to obtain sensitive information, cause a denial of service and/or run arbitrary code. • https://github.com/thelastede/FreeImage-cve-poc/tree/master/CVE-2023-47994 • CWE-190: Integer Overflow or Wraparound