sgx_disp_ippsAES_GCMEncrypt allows an out-of-bounds write, resulting in a segfault and compromised enclave.
For more information, see Īn issue was discovered in SKALE sgxwallet 1.58.3.
IOCTL Handler 0x22001B in the Amzetta zPortal DVM Tools = v2.5.0 contain Heap-based Buffer Overflow (CWE-122). This was exploitable by a remote unauthenticated attacker.Īmzetta zPortal DVM Tools is affected by Buffer Overflow. A buffer overflow existed in the vaultServer component.
This issue affects Apache Traffic Server 9.1.0.Ī heap-based buffer overflow in Fortinet FortiWeb version 6.4.1 and 6.4.0, version 6.3.15 and below, version 6.2.6 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests to the LogReport API controller.Īn issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. An attacker can leverage this vulnerability to execute code in the context of the current process.īuffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in the stats-over-http plugin of Apache Traffic Server allows an attacker to overwrite memory. The issue results from the lack of proper validation of the length of user-supplied data before copying it to a stack-based buffer. It exists in the client code when processing a malformed IE length of HT capability information in the Beacon and Association response frame.Ī stack-based buffer overflow vulnerability exists in the DWF file reading procedure in Open Design Alliance Drawings SDK before 2022.8. GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms.Ī stack-based buffer overflow in image_load_bmp() in HTMLDOC before 1.9.13 results in remote code execution if the victim converts an HTML document linking to a crafted BMP file.Ī buffer overflow was discovered on Realtek RTL8195AM devices before 2.0.10. allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet. IOCTL Handler 0x22001B in the Amazon WorkSpaces agent below v1. A Stack-based Buffer Overflow vulnerability exists in the Tenda AC15 V15.03.05.18_multi device via the list parameter in a post request in goform/SetIpMacBind.ĭelta Electronics CNCSoft Versions 1.01.30 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code.Īmazon WorkSpaces agent is affected by Buffer Overflow.