Google Golang 代码注入漏洞

Google Golang is a static, strongly typed, compiled language from Google.The syntax of Go is close to C, but with differences in variable declarations.Go supports garbage collection.Go's parallel model is based on Tony Hall's Communicating Sequential Processes CSP, and other languages with a...

PT-2021-5954 · Pdftron · Pdftron

Name of the Vulnerable Software and Affected Versions: PDFTron versions prior to 9.0.7 Description: A Memory Corruption issue may lead to code execution through maliciously crafted DLL files. The vulnerability is related to errors in the mechanism for checking the path to dynamically loaded...

[SECURITY] Fedora 33 Update: glib2-2.66.8-1.fc33

GLib is the low-level core library that forms the basis for projects such as GTK+ and GNOME. It provides data structure handling for C, portability wrappers, and interfaces for such runtime functionality as an event loop, threads, dynamic loading, and an object system...

[SECURITY] Fedora 34 Update: glib2-2.67.6-2.fc34

GLib is the low-level core library that forms the basis for projects such as GTK+ and GNOME. It provides data structure handling for C, portability wrappers, and interfaces for such runtime functionality as an event loop, threads, dynamic loading, and an object system...

CVE-2020-11829

Dynamic loading of services in the backup and restore SDK leads to elevated privileges, affected product is com.coloros.codebook V2.0.05493e40200722...

Design/Logic Flaw

Dynamic loading of services in the backup and restore SDK leads to elevated privileges, affected product is com.coloros.codebook V2.0.05493e40200722...

CVE-2020-11829

CVE-2020-11829 affects com.coloros.codebook V2.0.0_5493e40_200722. Dynamic loading of services in the backup and restore SDK leads to elevated privileges (Partial confidentiality, integrity, and availability impact per CVSS). No exploit details or fixes are provided in the connected documents. Th...

CVE-2020-11829

Dynamic loading of services in the backup and restore SDK leads to elevated privileges, affected product is com.coloros.codebook V2.0.05493e40200722...

GHSA-4FC4-CHG7-H8GH Unprotected dynamically loaded chunks

Impact All dynamically loaded chunks receive an invalid integrity hash that is ignored by the browser, and therefore the browser cannot validate their integrity. This removes the additional level of protection offered by SRI for such chunks. Top-level chunks are unaffected. Patches This issue is...

Visa warns of Baka JavaScript skimmer capable of evading detection

By Deeba Ahmed The JavaScript skimmer evades detection from static malware scanners using dynamic loading. This is a post from HackRead.com Read the original post: Visa warns of Baka JavaScript skimmer capable of evading detection...

CVE-2020-15816

In Western Digital WD Discovery before 4.0.251.0, a malicious application running with standard user permissions could potentially execute code in the application's process through library injection by using DYLD environment variables...

CVE-2020-4100

"HCL Verse for Android was found to employ dynamic code loading. This mechanism allows a developer to specify which components of the application should not be loaded by default when the application is started. Typically, core components and additional dependencies are loaded natively at runtime;...

[SECURITY] Fedora 30 Update: glib2-2.60.7-3.fc30

GLib is the low-level core library that forms the basis for projects such as GTK+ and GNOME. It provides data structure handling for C, portability wrappers, and interfaces for such runtime functionality as an event loop, threads, dynamic loading, and an object system...

CVE-2019-15349

The CVE-2019-15349 entry describes a pre-installed platform app on Tecno Camon devices (package com.lovelyfont.defcontainer, version 7.0.11) that exposes an exported service (com.lovelyfont.manager.service.FunctionService). This service accepts a file path to a Dalvik Executable (DEX) file from a...

Docker 19.03.0 Code Injection Vulnerability

Docker is prone to a code injection vulnerability. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

OPENSUSE-SU-2019:0265-1 Security update for libqt5-qtbase

This update for libqt5-qtbase provides the following fixes: Security issues fixed: - CVE-2018-15518: Fixed double free in QXmlStreamReader bsc1118595 - CVE-2018-19873: Fixed Denial of Service on malformed BMP file in QBmpHandler bsc1118596 Non-security issues fixed: - Fix dynamic loading of libGL...

openSUSE Security Update : libqt5-qtbase (openSUSE-2019-265)

This update for libqt5-qtbase provides the following fixes : Security issues fixed : - CVE-2018-15518: Fixed double free in QXmlStreamReader bsc1118595 - CVE-2018-19873: Fixed Denial of Service on malformed BMP file in QBmpHandler bsc1118596 Non-security issues fixed : - Fix dynamic loading of...

Security update for libqt5-qtbase (moderate)

openSUSE Security Update: Security update for libqt5-qtbase Announcement ID: openSUSE-SU-2019:0265-1 Rating: moderate References: 1096328 1099874 1108889 1118595 1118596 1120639 Cross-References: CVE-2018-15518 CVE-2018-19873 Affected Products: openSUSE Leap 15.0 An update that solves two...

FileCapsule Deluxe Portable Insecure Dynamic Loading Vulnerability (CNVD-2017-23960)

FileCapsule Deluxe Portable is a file encryption software. A security vulnerability exists in FileCapsule Deluxe Portable 1.0.4.1 and earlier versions. The vulnerability can be exploited to execute arbitrary code...

FileCapsule Deluxe Portable Insecure Dynamic Loading Vulnerability (CNVD-2017-23963)

FileCapsule Deluxe Portable is a file encryption software. A security vulnerability exists in Encrypted Files in Self-Decryption Format in FileCapsule Deluxe Portable 1.0.5.1 and earlier versions. The vulnerability can be exploited to execute arbitrary code...