CVE-2020-11105

An issue was discovered in USC iLab cereal through 1.3.0. It employs caching of std::sharedptr values, using the raw pointer address as a unique identifier. This becomes problematic if an std::sharedptr variable goes out of scope and is freed, and a new std::sharedptr is allocated at the same...

Release of Invalid Pointer or Reference

An issue was discovered in USC iLab cereal. It employs caching of std::sharedptr values, using the raw pointer address as a unique identifier. This becomes problematic if a std::sharedptr variable goes out of scope and is freed, and a new std::sharedptr is allocated at the same address...

About the security content of macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra

About the security content of macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra This document describes the security content of macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra. About Apple security updates F...

HDF5 Buffer Overflow Vulnerability (CNVD-2020-21017)

HDF5 is a suite of tools for managing and storing different types of data. The product supports managing, manipulating, viewing and analyzing data and generating files in portable formats. A buffer overflow vulnerability exists in the 'H5Olayoutdecode' function of the H5Olayout.c file in HDF5...

DEBIAN-CVE-2020-10811

An issue was discovered in HDF5 through 1.12.0. A heap-based buffer over-read exists in the function H5Olayoutdecode located in H5Olayout.c. It allows an attacker to cause Denial of Service...

UBUNTU-CVE-2020-10811

An issue was discovered in HDF5 through 1.12.0. A heap-based buffer over-read exists in the function H5Olayoutdecode located in H5Olayout.c. It allows an attacker to cause Denial of Service...

PT-2020-6976 · Hdf5 +3 · Hdf5 +3

Name of the Vulnerable Software and Affected Versions: HDF5 versions through 1.12.0 Description: The issue is related to a heap-based buffer over-read in the H5O layout decode function located in H5Olayout.c. This can allow an attacker to cause a Denial of Service. The vulnerability is associated...

ThemeREX Addons Remote Code Execution Vulnerability

WordPress plugin ThemeREX Addons is a plugin that works with various ThemeREX themes, featuring several theme enhancements and widgets that extend the functionality of the theme in question. A remote code execution vulnerability exists in versions of ThemeREX Addons prior to 2020-03-09. The...

CVE-2020-3836

An access issue was addressed with improved memory management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. A malicious application may be able to determine kernel memory layout...

Memory corruption

An access issue was addressed with improved memory management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. A malicious application may be able to determine kernel memory layout...

CVE-2020-3836

CVE-2020-3836 is an Apple kernel memory-management issue disclosed as an access problem that could allow a malicious, local app to determine the kernel memory layout. The vulnerability affects multiple Apple OSes: iOS 13.3.1, iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, and watchOS 6.1.2. ...

CVE-2020-3836

An access issue was addressed with improved memory management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. A malicious application may be able to determine kernel memory layout...

openSUSE Security Update : systemd (openSUSE-2020-208)

This update for systemd fixes the following issues : - CVE-2020-1712 bscbsc1162108 Fix a heap use-after-free vulnerability, when asynchronous Polkit queries were performed while handling Dbus messages. A local unprivileged attacker could have abused this flaw to crash systemd services or...

Adobe FrameMaker Stack Overflow Vulnerability (CNVD-2020-04709)

Adobe FrameMaker is a page layout software provided by the American company Audobee Adobe. A stack overflow vulnerability exists in Adobe FrameMaker. An attacker can exploit the vulnerability to execute arbitrary code...

openSUSE Security Update : upx (openSUSE-2020-163)

This update for upx to version 3.96 fixes the following issues : - CVE-2019-1010048: Fixed a denial of service in PackLinuxElf32::PackLinuxElf32help1 boo1141777. - CVE-2019-14296: Fixed a denial of service in canUnpack boo1143839. - CVE-2019-20021: Fixed a heap-based buffer over-read in canUnpack...

Huawei EulerOS: Security Advisory for java-1.8.0-openjdk (EulerOS-SA-2019-1301)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1672)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for java-1.8.0-openjdk (EulerOS-SA-2019-1585)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

kernel: fix race condition between mmget_not_zero()/get_task_mm() and core dumping

A flaw was found in the Linux kernel where the coredump implementation does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs. This allows local users to obtain sensitive information, cause a denial of service DoS, or possibly have unspecified other impa...

CVE-2019-8755

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Catalina 10.15. A malicious application may be able to determine kernel memory layout...