CVE-2020-12905

Out of Bounds Read in AMD Graphics Driver for Windows 10 in Escape 0x3004403 may lead to arbitrary information disclosure...

Denial Of Service (DoS)

Rxvt is vulnerable to denial of service. An attacker is able to crash the application by passing the value -2^31 inside a terminal escape code which would result in a non-invertible integer that eventually leads to a segfault due to an out of bounds read...

GHSA-H6H9-PPHV-M266 Topydo Improper Input Validation vulnerability

topydo contains a CWE-20: Improper Input Validation vulnerability in ListFormatParser::parse, file topydo/lib/ListFormat.py line 292 as of d4f843dac71308b2f29a7c2cdc76f055c3841523 that can result in Injection of arbitrary bytes to the terminal, including terminal escape code sequences. This attac...

Topydo Improper Input Validation vulnerability

topydo contains a CWE-20: Improper Input Validation vulnerability in ListFormatParser::parse, file topydo/lib/ListFormat.py line 292 as of d4f843dac71308b2f29a7c2cdc76f055c3841523 that can result in Injection of arbitrary bytes to the terminal, including terminal escape code sequences. This attac...

CVE-2018-1000523

topydo contains a CWE-20: Improper Input Validation vulnerability in ListFormatParser::parse, file topydo/lib/ListFormat.py line 292 as of d4f843dac71308b2f29a7c2cdc76f055c3841523 that can result in Injection of arbitrary bytes to the terminal, including terminal escape code sequences. This attac...

CVE-2018-1000523

This CVE affects the topydo project. The vulnerability resides in ListFormatParser::parse (topydo/lib/ListFormat.py:292) and is caused by improper input validation (CWE-20). It can lead to injection of arbitrary bytes into the terminal, including terminal escape code sequences, exploitable when a...

CVE-2017-7483

Rxvt 2.7.10 is vulnerable to a denial of service attack by passing the value -2^31 inside a terminal escape code, which results in a non-invertible integer that eventually leads to a segfault due to an out of bounds read...

UBUNTU-CVE-2017-7483

Rxvt 2.7.10 is vulnerable to a denial of service attack by passing the value -2^31 inside a terminal escape code, which results in a non-invertible integer that eventually leads to a segfault due to an out of bounds read...

CVE-2017-7483

Rxvt 2.7.10 is vulnerable to a denial of service attack by passing the value -2^31 inside a terminal escape code, which results in a non-invertible integer that eventually leads to a segfault due to an out of bounds read...

CVE-2017-7483

Rxvt 2.7.10 is vulnerable to denial-of-service via a crafted terminal escape code (-2^31), causing a non-invertible integer and an out-of-bounds read that leads to a segfault. Affected product: rxvt (VT102 terminal emulator for X). Root cause: improper handling of certain escape sequences. Impact...

CVE-2017-7483

Rxvt 2.7.10 is vulnerable to a denial of service attack by passing the value -2^31 inside a terminal escape code, which results in a non-invertible integer that eventually leads to a segfault due to an out of bounds read...

CVE-2017-7483

Removed by vendor...

NVIDIA Driver - Escape Code Leaks Uninitialised ExAllocatePoolWithTag Memory to Userspace Exploit

Exploit for windows platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=892 The handler for the DxgkDdiEscape escape code 0x70000D4 has the following pseudocode: void fastcall escape70000D4NvMiniportDeviceContext a1, NvEscapeData a2 Escape70000D4...

NVIDIA Driver - Escape Code Leaks Uninitialised ExAllocatePoolWithTag Memory to Userspace

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=892 The handler for the DxgkDdiEscape escape code 0x70000D4 has the following pseudocode: void fastcall escape70000D4NvMiniportDeviceContext a1, NvEscapeData a2 Escape70000D4 escapedata; // rbx@1 PVOID allocbuf; // rsi@1 unsigned i...

NVIDIA Driver - Escape 0x100010b Missing Bounds Check

NVIDIA Driver - Escape 0x100010b Missing Bounds Check Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=927 The DxgkDdiEscape handler for escape code 0x100010b looks like: char escape100010bNvMiniportDeviceContext miniportcontext, HANDLE handle, unsigned int idx PVOID Object; if...

Microsoft Windows - Kernel ATMFD.dll NamedEscape 0x250C Pool Corruption (MS16-074)

Exploit for windows platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=785 The Adobe Type Manager Font Driver ATMFD.DLL responsible for handling PostScript and OpenType fonts in the Windows kernel provides a channel of communication with user-mode...

SuSE Update for qemu openSUSE-SU-2012:1170-1 (qemu)

Check for the Version of qemu OpenVAS Vulnerability Test $Id: gbsuse201211701.nasl 8273 2018-01-03 06:29:19Z teissa $ SuSE Update for qemu openSUSE-SU-2012:1170-1 qemu Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is fre...