Tag
#buffer_overflow
When receiving rendering data over IPC `mStream` could have been destroyed when initialized, which could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, and Thunderbird < 115.2.
hutool v5.8.21 was discovered to contain a buffer overflow via the component `JSONUtil.parse()`.
hutool v5.8.21 was discovered to contain a buffer overflow via the component `jsonObject.putByPath`.
hutool v5.8.21 was discovered to contain a buffer overflow via the component `jsonArray`.
hutool v5.8.21 was discovered to contain a buffer overflow via the component JSONUtil.parse().
hutool v5.8.21 was discovered to contain a buffer overflow via the component jsonObject.putByPath.
hutool v5.8.21 was discovered to contain a buffer overflow via the component jsonArray.
GOM Player version 2.3.90.5360 suffers from a buffer overflow vulnerability.
Apple on Thursday released emergency security updates for iOS, iPadOS, macOS, and watchOS to address two zero-day flaws that have been exploited in the wild to deliver NSO Group's Pegasus mercenary spyware. The issues are described as below - CVE-2023-41061 - A validation issue in Wallet that could result in arbitrary code execution when handling a maliciously crafted attachment. CVE-2023-41064
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.5.2, iOS 16.6.1 and iPadOS 16.6.1. Processing a maliciously crafted image may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.