3787 matches found
CVE-2019-14082
Potential buffer over-read due to lack of bound check of memory offset passed in WLAN firmware in Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ8074,...
CVE-2019-14072
CVE-2019-14072 describes a race condition in Qualcomm/Snapdragon kernel/JPU handling leading to an unhandled paging request by dereferencing a freed object due to concurrent sparse free and sparse bind ioctls. Affected are Snapdragon Auto/Compute/IoT/Wearables platforms across numerous SoCs (e.g....
CVE-2019-14068
Out of bound access in msm routing due to lack of check of size before accessing in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009...
CVE-2019-14027
Buffer overflow due to lack of upper bound check on channel length which is used for a loop. in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and...
CVE-2019-14026
Possible buffer overflow in WLAN WMI handler due to lack of ssid length check when copying data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &...
CVE-2019-10616
CVE-2019-10616 affects Qualcomm Snapdragon devices. The issue is a null pointer access that can occur when SPDM commands are executed in a non-standard way within the TrustZone (TZ) environment, impacting a broad set of Snapdragon platforms (Auto, Compute, Connectivity, IoT, etc.). The reported r...
CVE-2019-10616
Possibility of null pointer access if the SPDM commands are executed in the non-standard way in TZ. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile,...
CVE-2019-10612
CVE-2019-10612 describes a stack overflow vulnerability in UTCB object handling that can corrupt a function pointer used by the reaper to deallocate memory, potentially enabling memory corruption in Qualcomm/Snapdragon components (e.g., Snapdragon Auto, Compute, and various IoT platforms). Affect...
CVE-2019-10593
CVE-2019-10593 is a buffer overflow vulnerability in Qualcomm Snapdragon firmware. It occurs when processing non-standard SDP video Image attribute parameters during VILTE/VOLTE calls across a wide range of Qualcomm Snapdragon platforms (Auto, Compute, IoT, Wearables, etc.). The root cause is a p...
CVE-2019-10569
Stack buffer overflow due to instance id is misplaced inside definition of hardware accelerated effects in makefile in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile in APQ8053, APQ8098, MDM9607, MDM9640, MSM8998, QCS605, SC8180X, SDM439, SDM630, SDM636, SDM660,...
CVE-2019-10552
CVE-2019-10552 describes a buffer over-read in Qualcomm’s Snapdragon components due to improper length checks when decoding Service Reject/RAU Reject/PTMSI Realloc commands. Affected are Snapdragon Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, Wearables, a...
CVE-2019-10550
Buffer Over-read when UE is trying to process the message received form the network without zero termination in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909,...
CVE-2019-10546
Buffer overflow can occur in WLAN firmware while parsing beacon/proberesponse frames during roaming in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wire...
CVE-2018-11838
CVE-2018-11838 describes a possible double-free in the WLAN stack due to insufficient memory-free-condition checking in Qualcomm Snapdragon platforms, affecting Qualcomm WLAN components across Snapdragon families (e.g., APQ8053, MDM9640, SDA660, SDM636/660/SDX20) and various Snapdragon product li...
CVE-2018-11838
Possible double free issue in WLAN due to lack of checking memory free condition. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8053, MDM9640, SDA660,...
[Important] [Security] Virtuozzo PowerPanel Update 1 Hotfix 2 (7.0.4-47)
The update for Virtuozzo PowerPanel introduces a new feature and a security fix. Vulnerability id: PP-647 Fortify Docker configuration in the vzapi-compute service...
Product release: Virtuozzo Infrastructure Platform 3.5 Update 1 (3.5.1-43)
This update provides a new feature as well as fixes and improvements. Vulnerability id: VSTOR-30003 Unable to release node from cluster: 'Unable to send message to any node in ABGW cluster'. Vulnerability id: VSTOR-30135 No read/write data on dashboards if multipath is configured. Vulnerability i...
Multi-Juicer - Run Capture The Flags And Security Trainings With OWASP Juice Shop
Running CTFs and Security Trainings with OWASP Juice Shop is usually quite tricky, Juice Shop just isn't intended to be used by multiple users at a time. Instructing everybody how to start Juice Shop on their own machine works ok, but takes away too much valuable time. MultiJuicer gives you the...
CloudBees Jenkins Cross-Site Request Forgery Vulnerability (CNVD-2020-10430)
CloudBees Jenkins Hudson Labs is a set of Java-based development of continuous integration tools from the U.S. CloudBees. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Amazon EC2 Plugin is used in which an EC2 connection agen...
CVE-2018-21032
A vulnerability in Hitachi Command Suite prior to 8.7.1-00 and Hitachi Automation Director prior to 8.5.0-00 allow authenticated remote users to expose technical information through error messages. Hitachi Command Suite includes Hitachi Device Manager and Hitachi Compute Systems Manager...