3792 matches found
CVE-2020-9809
An information disclosure issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application may be able to determine kernel memory layout...
PT-2020-20768 · Apple · Macos Catalina +4
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 13.5; iPadOS versions prior to 13.5; macOS Catalina versions prior to 10.15.5; tvOS versions prior to 13.4.5; watchOS versions prior to 6.2.5. Description: An information disclosure issue was addressed by removing the...
PT-2020-20773 · Apple · Macos Catalina +4
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 13.5; iPadOS versions prior to 13.5; macOS Catalina versions prior to 10.15.5; tvOS versions prior to 13.4.5; watchOS versions prior to 6.2.5. Description: An information disclosure issue was addressed with improved state...
The vulnerability of the load_aout_binary() function in the Linux operating system’s kernel allows a hacker to bypass the ASLR protection mechanism.
The vulnerability of the load_aout_binary() function in the Linux operating system arises due to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to bypass the ASLR protection mechanism in programs with setuid a.out...
Apple macOS Catalina Wi-Fi Component Out-of-Bounds Read Vulnerability
Apple macOS Catalina is a proprietary operating system developed by Apple Inc. for Mac computers. Wi-Fi is one of the wireless Internet components. An out-of-bounds read vulnerability exists in the Wi-Fi component of Apple macOS Catalina versions prior to 10.15.5, which can be exploited by an...
Multiple Apple Products Kernel Component Information Disclosure Vulnerability (CNVD-2020-65923)
Apple iOS is an operating system developed for mobile devices. Apple iPadOS is an operating system for iPad tablets. Apple macOS Catalina is a specialized operating system developed for Mac computers. Kernel is one of the kernel components. A security...
Multiple Apple Products Kernel Component Information Disclosure Vulnerability (CNVD-2020-34934)
Apple iOS is an operating system developed for mobile devices. Apple iPadOS is an operating system for iPad tablets. Apple macOS Catalina is a specialized operating system developed for Mac computers. Kernel is one of the kernel components. A security...
SANE Backends epsonds component input validation error vulnerability
SANE Backends is an application programming interface (API) and communication protocol for regulating communication between software and digital imaging devices. An input validation error vulnerability exists in the 'epsonds_net_read' function in SANE Backends versions prior to 1.0.30. An attacker...
Description of the Microsoft Office 2008 for Mac 12.1.3 Update
Describes the changes that the Office 2008 for Mac 12.1.3 Update makes to Office 2008 for Mac programs. INTRODUCTION: Microsoft has released security bulletin MS08-057. This security bulletin contains all the relevant information about the security updates for Microsoft Office 2008 for Mac. To view...
MS15-116: Description of the security update for Office 2010: November 10, 2015
Resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Microsoft Office file. Summary: This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Microso...
MS15-116: Description of the security update for Word 2010: November 10, 2015
MS15-116: Description of the security update for Word 2010: November 10, 2015 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft...
Protection Mechanism Bypass
The kernel is vulnerable to Protection Mechanism Bypass. The startcode and endcode values in "/proc/pid/stat" were not protected. In certain scenarios, this flaw could be used to defeat Address Space Layout Randomization (ASLR)...
CVE-2017-5472
A use-after-free vulnerability with the frameloader during tree reconstruction while regenerating CSS layout when attempting to use a node in the tree that no longer exists. This results in a potentially exploitable crash. This vulnerability affects Firefox 54, Firefox ESR 52.2, and Thunderbird...
CVE-2018-21076
An issue was discovered on Samsung mobile devices with N(7.x) (Exynos8890/8895 chipsets) software. There is information disclosure (a KASLR offset) in the Secure Driver via a modified trustlet. The Samsung ID is SVE-2017-10987 (April 2018)...
Denial Of Service (DoS)
Kernel is vulnerable to denial of service (DoS) because using kernel space address bits to derive the IP ID may potentially break KASLR...
Kernel: net: using kernel space address bits to derive IP ID may potentially break KASLR
A flaw was found in the way the Linux kernel derived the IP ID field from a partial kernel space address returned by a net_hash_mix() function. A remote user could observe this IP ID field to extract the kernel address bits used to derive its value, which may result in leaking the hash key and...
CVE-2020-11105
An issue was discovered in USC iLab cereal through 1.3.0. It employs caching of std::shared_ptr values, using the raw pointer address as a unique identifier. This becomes problematic if an std::shared_ptr variable goes out of scope and is freed, and a new std::shared_ptr is allocated at the same...
CVE-2020-11104
An issue was discovered in USC iLab cereal through 1.3.0. Serialization of an (initialized) C/C++ long double variable into a BinaryArchive or PortableBinaryArchive leaks several bytes of stack or heap memory, from which sensitive information such as memory layout or private keys can be gleaned if...
Design/Logic Flaw
An issue was discovered in USC iLab cereal through 1.3.0. It employs caching of std::shared_ptr values, using the raw pointer address as a unique identifier. This becomes problematic if an std::shared_ptr variable goes out of scope and is freed, and a new std::shared_ptr is allocated at the same...