Known Exploited Vulnerabilities Out-of-Bounds (Read and Write) Capability Group

CVE-2024-4761 is an out of bounds write vulnerability that allows a remote attacker to perform an out of bounds memory write via a crafted HTML page.

This vulnerability allows adversaries to execute arbitrary code via specially crafted http requests that trigger an out of bounds write. Threat actors have been observed implementing a symbolic link, left behind to maintain read-only access to impacted devices.

This vulnerability allows adversaries to execute arbitrary code via specially crafted http requests that trigger an out of bounds write. Threat actors have been observed implementing a symbolic link, left behind to maintain read-only access to impacted devices.

This vulnerability allows adversaries to execute arbitrary code via specially crafted http requests that trigger an out of bounds write. Threat actors have been observed implementing a symbolic link, left behind to maintain read-only access to impacted devices.

This vulnerability is exploited by an adversary who has already gained network access to the vCenter Server. The adversary sends a crafted payload to the server that has a vulnerable DCERPC protocol and causes an out-of-bounds write on the jmp rax instruction. Adversary group UNC3886 has been attributed to leveraging this vulnerability in the wild to establish a backdoor in victim vCenter servers.

This vulnerability is exploited by an adversary who has already gained network access to the vCenter Server. The adversary sends a crafted payload to the server that has a vulnerable DCERPC protocol and causes an out-of-bounds write on the jmp rax instruction. Adversary group UNC3886 has been attributed to leveraging this vulnerability in the wild to establish a backdoor in victim vCenter servers.

This vulnerability is exploited through a user opening a malicious PDF file.

This vulnerability is exploited through a user opening a malicious PDF file.

This vulnerability is exploited by an authenticated, remote attacker who has administrative control of either a group member or a key server to execute arbitrary code on an affected device or cause the device to crash. This vulnerability has been identified as being exploited in the wild by Chinese adversary groups.

This vulnerability is exploited by an authenticated, remote attacker who has administrative control of either a group member or a key server to execute arbitrary code on an affected device or cause the device to crash. This vulnerability has been identified as being exploited in the wild by Chinese adversary groups.

This vulnerability is exploited by an authenticated, remote attacker who has administrative control of either a group member or a key server to execute arbitrary code on an affected device or cause the device to crash. This vulnerability has been identified as being exploited in the wild by Chinese adversary groups.

The Polkit/Pwnkit vulnerability (CVE-2021-4034) is a critical vulnerability impacting every major Linux distribution. Its attack vector allows privilege escalation and can even give the attacker root access.

A zero-click attack leveraging this vulnerability involves sending a maliciously crafted photo or video in an iCloud link via the Messages app. Reports indicate that the targeted devices are then compromised with Paragon's Graphite spyware.

A zero-click attack leveraging this vulnerability involves sending a maliciously crafted photo or video in an iCloud link via the Messages app. Reports indicate that the targeted devices are then compromised with Paragon's Graphite spyware.

A zero-click attack leveraging this vulnerability involves sending a maliciously crafted photo or video in an iCloud link via the Messages app. Reports indicate that the targeted devices are then compromised with Paragon's Graphite spyware.

Victims are tricked into visiting malicious web pages crafted to trigger exploitation of this vulnerability, leading to undefined behavior.

Victims are tricked into visiting malicious web pages crafted to trigger exploitation of this vulnerability, leading to undefined behavior.

This vulnerability, present in VMWare ESXi, Workstation, and Fusion, is the result of an out-of-bounds read in the Host Guest File System (HGFS) and can be exploited by attackers with administrative privileges to disclose sensitive information from the VMX process. An attacker could then move into the hypervisor itself.

Out of bounds write exists in FreeType that has been exploited through malicious font files, causing the application to crash.

Out of bounds write exists in FreeType that has been exploited through malicious font files, causing the application to crash.

Out of bounds write exists in FreeType that has been exploited through malicious font files, causing the application to crash.

An out-of-bounds zero-day flaw exists in WebKit that adversaries have been exploiting via specially crafted web content to escape the Web Content sandbox.

An out-of-bounds zero-day flaw exists in WebKit that adversaries have been exploiting via specially crafted web content to escape the Web Content sandbox.

This vulnerability, present in VMWare ESXi, Workstation, and Fusion, is the result of an out-of-bounds read in the Host Guest File System (HGFS) and can be exploited by attackers with administrative privileges to disclose sensitive information from the VMX process. An attacker could then move into the hypervisor itself.

This vulnerability, present in VMWare ESXi, Workstation, and Fusion, allows an attacker with VMX process privileges to write in the kernel memory, triggering a sandbox escape.

This vulnerability, present in VMWare ESXi, Workstation, and Fusion, allows an attacker with VMX process privileges to write in the kernel memory, triggering a sandbox escape.

By exploiting the TOCTOU vulnerability in VMWare ESXi, Workstation, and Fusion, an attacker with local admin privileges can execute code in the VMX process on the host, in effect, functioning as an escape from the virtual machine to the host system.

By exploiting the TOCTOU vulnerability in VMWare ESXi, Workstation, and Fusion, an attacker with local admin privileges can execute code in the VMX process on the host, in effect, functioning as an escape from the virtual machine to the host system.

This vulnerability is facilitated by the insertion of information into log files, which could lead to the disclosure of said sensitive information through an attack. In order to exploit this vulnerability, an attacker needs physical access to the system, such as the ability to mount an external drive.

This vulnerability is facilitated by the insertion of information into log files, which could lead to the disclosure of said sensitive information through an attack. In order to exploit this vulnerability, an attacker needs physical access to the system, such as the ability to mount an external drive.

Using a malicious USB device, an attacker can trigger an out-of-bounds heap write in the kernel, allowing the attacker to obtain root access and potentiall execute arbitrary code.

Using a malicious USB device, an attacker can trigger an out-of-bounds heap write in the kernel, allowing the attacker to obtain root access and potentiall execute arbitrary code.

Using a malicious USB device, an attacker can trigger an out-of-bounds write in the kernel, allowing the attacker to obtain root access and potentiall execute arbitrary code.

By crafting a malicious USB audio device, an attacker can trigger an out-of-bounds read error in the kernel, potentially exposing sensitive kernel information.

By crafting a malicious USB audio device, an attacker can trigger an out-of-bounds read error in the kernel, potentially exposing sensitive kernel information.

By crafting a malicious USB audio device, an attacker can trigger an out-of-bounds read error in the kernel, potentially exposing sensitive kernel information.

By creating or modifying a USB video device, an attacker can send an undefined video frame to trigger an out-of-bounds write, leading to privilege escalation and potential arbitrary code execution.

By creating or modifying a USB video device, an attacker can send an undefined video frame to trigger an out-of-bounds write, leading to privilege escalation and potential arbitrary code execution.

By creating or modifying a USB video device, an attacker can send an undefined video frame to trigger an out-of-bounds write, leading to privilege escalation and potential arbitrary code execution.

This memory leak vulnerability in Citrix NetScaler/ADC Gateway devices can be leveraged by sending malicious authentication requests, leaking sensitive information.

This memory leak vulnerability in Citrix NetScaler/ADC Gateway devices can be leveraged by sending malicious authentication requests, leaking sensitive information.