1680 matches found
Binary Vulnerability in Rexchip Chips
With a R&D team specializing in system-on-chip design and algorithm research, Rexchip Microelectronics Corporation provides professional chip solutions for high-end intelligent hardware, cell phone peripherals, tablet PCs, TV set-top boxes, industrial control and other fields. A binary...
Linux kernel llcp_sock_bind() Denial of Service Vulnerability
Linux kernel is an open source operating system. A security vulnerability exists in Linux kernel llcpsockbind, which can be exploited by remote attackers to submit a special request that can crash the system...
Design/Logic Flaw
Use after free in audio in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2020-15999
CVE-2020-15999 corresponds to a heap-based buffer overflow in FreeType that can be triggered by crafted font/PNG data, potentially via a malicious HTML page, affecting freetype usage in Google Chrome before 86.0.4240.111. Public advisories describe the issue as a heap overflow in Load_SBit_Png an...
Speedfan suffers from a local boost vulnerability
SpeedFan is a computer system tool that monitors the real-time temperature of computer components such as processors, graphics cards and motherboards to provide users with the most timely warning function, and can also be adjusted by the speed of the cooling fan to dissipate the heat of the...
The vulnerability of the Hyper-V hardware virtualization system in the Windows operating system allows a hacker to trigger a service failure.
The vulnerability of the Hyper-V hardware virtualization technology in the Windows operating system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause a service failure...
TopscoinAdvanced Digital Error Vulnerability
TopscoinAdvanced is an ethereum-based digital currency. An integer overflow vulnerability exists in the 'mintToken' function in the smart contract implementation of TopscoinAdvanced. An attacker can exploit this vulnerability to set the balance of any user to an arbitrary value...
Ubuntu 16.04 LTS : FlightGear vulnerability (USN-4588-1)
The remote Ubuntu 16.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-4588-1 advisory. It was discovered that FlightGear could write arbitrary files if received a special nasal script. A remote attacker could exploit this with a crafted file to...
EUVD-2020-8960
A remote code execution vulnerability exists when the Base3D rendering engine improperly handles memory. An attacker who successfully exploited the vulnerability would gain execution on a victim system. The security update addresses the vulnerability by correcting how the Base3D rendering engine...
Cisco IOS and IOS XE Denial of Service Vulnerability (CNVD-2021-43439)
Cisco IOS and IOS XE are both operating systems developed by Cisco in the United States for its network devices. A denial of service vulnerability exists in the PROFINET feature of Cisco IOS and IOS XE, which can be exploited by an attacker to cause the device to crash and reload by sending...
CVE-2020-6556
Heap buffer overflow in SwiftShader in Google Chrome prior to 84.0.4147.135 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Information disclosure
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could explo...
Google Android WhatsApp Information Disclosure Vulnerability
Android is a Linux-based open source operating system from Google and the Open Handheld Alliance OHA.System is one of the system components.Email is one of the email components.WhatsApp is a set of mobile applications that utilize the web to deliver text messages from Google and the Open Handheld...
Unspecified Vulnerability in VMware Spring Cloud Netflix
Spring Cloud Netflix is various Netflix OSS component integrations. A security vulnerability exists in VMware Spring Cloud Netflix versions 2.2.x prior to 2.2.4, 2.1.x prior to 2.1.6, and unsupported older versions, which can be exploited by an attacker to send requests to other servers...
CVE-2020-8244
CVE-2020-8244 is a buffer over-read in the Node.js bl module, where input in consume() can become negative and corrupt BufferList state, potentially exposing uninitialized memory via slice(). Affected are bl versions <4.0.3, <3.0.1, <2.2.1, and
Google Chrome Security Bypass Vulnerability (CNVD-2020-49914)
Google Chrome is a web browser. A security vulnerability exists in Google Chrome versions prior to 85.0.4183.83. An attacker can exploit this vulnerability to bypass security restrictions...
EUVD-2020-12405
An elevation of privilege vulnerability exists when the Windows Accounts Control improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges. The...
Microsoft .NET Framework Remote Code Execution Vulnerability (CNVD-2020-62333)
Microsoft .NET Framework is a comprehensive and consistent programming model from Microsoft Corporation USA and a Windows Store, Windows Phone, Windows Server, and Microsoft Azure applications. The platform includes the C and Visual Basic programming languages, a public language runtime library,...
Remote Code Execution
aspose.pdf is vulnerable to remote code execution. A use-after-free vulnerability exists when malicious FunctionType 0 PDF elements are processed, allowing an attacker to exploit the vulnerability and execute arbitrary code...
GNU GRUB2 Vulnerability
Free Software Foundation GNU Project's multiboot boot loader, GNU GRUB2, contains a vulnerability—CVE-2020-10713—that a local attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the...