Design/Logic Flaw

The renderer process in the entertainment system on Tesla Model 3 vehicles mishandles JIT compilation, which allows attackers to trigger firmware code execution, and display a crafted message to vehicle occupants...

CVE-2019-9977

The renderer process in the entertainment system on Tesla Model 3 vehicles mishandles JIT compilation, which allows attackers to trigger firmware code execution, and display a crafted message to vehicle occupants...

CVE-2019-9977

The renderer process in the entertainment system on Tesla Model 3 vehicles mishandles JIT compilation, which allows attackers to trigger firmware code execution, and display a crafted message to vehicle occupants...

CVE-2019-9977

CVE-2019-9977 affects the Tesla Model 3 entertainment system: the renderer process mishandles JIT compilation, enabling an attacker to trigger firmware code execution and display a crafted message to occupants. Documents across NVD, Red Hat, and CVE listings confirm this issue; CVSS3 base score i...

libseccomp < 2.4.0 - Incorrect Compilation of Arithmetic Comparisons Exploit

When libseccomp compiles filters for 64-bit systems, it needs to split 64-bit comparisons into 32-bit comparisons because classic BPF can't operate on 64-bit values directly. libseccomp offers both bitwise comparisons NE, EQ, MASKEDEQ and arithmetic comparisons LT, LE, GE, GT. Bitwise comparisons...

libseccomp &lt; 2.4.0 - Incorrect Compilation of Arithmetic Comparisons

When libseccomp compiles filters for 64-bit systems, it needs to split 64-bit comparisons into 32-bit comparisons because classic BPF can't operate on 64-bit values directly. libseccomp offers both bitwise comparisons NE, EQ, MASKEDEQ and arithmetic comparisons LT, LE, GE, GT. Bitwise comparisons...

libseccomp 2.4.0 - Incorrect Compilation of Arithmetic Comparisons

libseccomp 2.4.0 - Incorrect Compilation of Arithmetic Comparisons When libseccomp compiles filters for 64-bit systems, it needs to split 64-bit comparisons into 32-bit comparisons because classic BPF can't operate on 64-bit values directly. libseccomp offers both bitwise comparisons NE, EQ,...

libseccomp Incorrect Compilation Of Arithmetic Comparisons

libseccomp: incorrect compilation of arithmetic comparisons When libseccomp compiles filters for 64-bit systems, it needs to split 64-bit comparisons into 32-bit comparisons because classic BPF can't operate on 64-bit values directly. libseccomp offers both bitwise comparisons NE, EQ, MASKEDEQ an...

[SECURITY] Fedora 29 Update: distcc-3.2rc1-22.fc29

distcc is a program to distribute compilation of C or C++ code across several machines on a network. distcc should always generate the same results as a local compile, is simple to install and use, and is often two or more times faster than a local compile...

[SECURITY] Fedora 28 Update: distcc-3.2rc1-22.fc28

distcc is a program to distribute compilation of C or C++ code across several machines on a network. distcc should always generate the same results as a local compile, is simple to install and use, and is often two or more times faster than a local compile...

tcpdump < 4.9.3 - Multiple Heap-Based Out-of-Bounds Reads Exploit

tcpdump 4.9.3 - Multiple Heap-Based Out-of-Bounds Reads Exploit Through fuzzing of network capture .pcap files, we have identified 16 crashes with unique stack traces in tcpdump. These crashes are caused by heap-based out-of-bounds memory reads, and can be reproduced with the latest tcpdump sourc...

jenkins-plugin-workflow-cps: Sandbox Bypass in Pipeline: Groovy Plugin

A flaw was found in Jenkins Pipeline. In the Declarative plugin, the script sandbox protection could be circumvented during the script compilation phase by applying AST. Both the pipeline validation REST APIs and the actual script/pipeline execution are affected. This allows users with Overall/Re...

jenkins-plugin-pipeline-model-definition: Sandbox Bypass in Pipeline: Declarative

A flaw was found in Jenkins Pipeline. Script Security sandbox protection could be circumvented during the script compilation phase by applying AST transforming annotations such as @Grab to source code elements. This allows users with Overall/Read permission, or able to control Jenkinsfile or...

FaceTime - Texture Processing Memory Corruption

FaceTime - Texture Processing Memory Corruption There is a memory corruption issue that occurs when processing a malformed RTP video stream in FaceTime. It appears to be related to processing textures. thread 7, stop reason = EXCBADACCESS code=EXCI386GPFLT frame 0: 0x00007fff56baaa92...

Microsoft Chakra JavaScript Loop Type Confusion Vulnerability

This vulnerability allows remote attackers to produce abnormal program execution on vulnerable installations of Microsoft Chakra. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

qemu security update

15:3.0.0-4.el7 - usb-mtp: use ONOFOLLOW and OCLOEXEC. Gerd Hoffmann Orabug: 29056673 CVE-2018-16872 - pvrdma: add uarread routine Prasad J Pandit CVE-2018-20191 - pvrdma: release ring object in case of an error Prasad J Pandit Orabug: 29171822 CVE-2018-20126 - pvrdma: check number of pages when...

Microsoft Visual Studio asm Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows attackers to execute arbitrary code on executables compiled using vulnerable installations of Microsoft Visual Studio. Attack vectors will vary depending on the nature of the executable in question. The specific flaw exists within the compilation of asm blocks in Visual...

SUSE SLES12 Security Update : nodejs4, nodejs6 (SUSE-SU-2017:2168-1)

This update for nodejs4 and nodejs6 fixes the following issues: Security issues fixed : - CVE-2017-1000381: The c-ares function aresparsenaptrreply could be triggered to read memory outside of the given input buffer if the passed in DNS response packet was crafted in a particular way. bsc1044946 ...

SUSE SLES11 Security Update : java-1_7_0-ibm (SUSE-SU-2018:3920-1)

java-170-ibm is updated to Java 7.0 Service Refresh 10 Fix Pack 35 bsc1116574 : Class Libraries - IJ10934 CVE-2018-13785 - IJ10935 CVE-2018-3136 - IJ10895 CVE-2018-3139 - IJ10932 CVE-2018-3149 - IJ10894 CVE-2018-3180 - IJ10933 CVE-2018-3214 - IJ09315 FLOATING POINT EXCEPTION FROM...

Digital Forensics Distro: CAINE

Caine an acronym for Computer Aided Investigative Environment’ is an Ubuntu-based GNU/Linux live distribution live oriented to Computer Forensics computer forensics historically conceived by Giancarlo Giustini, within a project of Digital Forensics Interdepartmental Research Center for Security...