CVE-2018-11970

CVE-2018-11970 affects Qualcomm Snapdragon platforms (Auto/Compute/CE Connectivity/IOT/Industrial IOT/Mobile including MDM9xxx, QCS605, SD family) where TZ App dynamic allocations are not protected from the XBL loader. Root cause per CVE notes is unprotected dynamic allocations in the TZ app with...

CVE-2018-11970

TZ App dynamic allocations not protected from XBL loader in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9206, MDM9607, MDM9650, MDM9655, QCS605, SD 410/12, SD 636, SD 712 / SD 710 / ...

Fedora 28 : php-twig2 (2019-e86155be6e)

Version 2.7.2 2019-03-12 - added TemplateWrapper::getTemplateName ---- Version 2.7.1 2019-03-12 - fixed class aliases ---- Version 2.7.0 2019-03-12 - fixed sandbox security issue under some circumstances, calling the toString method on an object was possible even if not allowed by the security...

Buffer Overflow Vulnerability in Multiple IBM Products

The IBM Power System S922, among others, is a Power processor-based server device from IBM in the United States. A buffer overflow vulnerability exists in the boot loader in several IBM products. An attacker could exploit this vulnerability to overwrite the bootloader's instruction memory, bypass...

Security update for python-Jinja2 (moderate)

openSUSE Security Update: Security update for python-Jinja2 Announcement ID: openSUSE-SU-2019:0244-1 Rating: moderate References: 858239 Cross-References: CVE-2014-0012 Affected Products: SUSE Package Hub for SUSE Linux Enterprise 12 An update that fixes one vulnerability is now...

macOS 127.0.0.1:4444 Reverse Shell Shellcode (103 bytes)

/ Title: macOS - Reverse 127.0.0.1:4444/TCP Shell /bin/sh + Null-Free Shellcode 103 bytes Tested: macOS 10.14.1 Author: Ken Kitahara Compilation: gcc -o loader loader.c dev:works devuser$ swvers ProductName: Mac OS X ProductVersion: 10.14.1 BuildVersion: 18B75 dev:works devuser$ cat ipv4rev.s...

Security update for java-11-openjdk (important)

openSUSE Security Update: Security update for java-11-openjdk Announcement ID: openSUSE-SU-2019:0161-1 Rating: important References: 1120431 1122293 1122299 Cross-References: CVE-2018-11212 CVE-2019-2422 CVE-2019-2426 Affected Products: openSUSE Leap 15.0 An update that fixes three vulnerabilitie...

DEBIAN-CVE-2018-20761

GPAC version 0.7.1 and earlier has a Buffer Overflow vulnerability in the gfsmloadinit function in scenemanager.c in libgpacstatic.a...

Denial Of Service (Dos)

xen is vulnerable to denial of service. This is due to the way the pyGrub boot loader handles compressed kernel images, which consumes an excessive amount of CPU resources when a large bzip2 or lzma compressed kernel image is processed, resulting in an out-of-memory condition...

Information Disclosure

IcedTea-Web plug-in is vulnerable to information disclosure. The application incorrectly uses the same class loader instance for applets with the same value of the codebase attribute even if they originated from different domains. An attacker is able to create a malicious applet to exploit the...

CVE-2019-3574

In libsixel v1.8.2, there is a heap-based buffer over-read in the function loadjpeg in the file loader.c, as demonstrated by img2sixel...

UBUNTU-CVE-2019-3574

In libsixel v1.8.2, there is a heap-based buffer over-read in the function loadjpeg in the file loader.c, as demonstrated by img2sixel...

UBUNTU-CVE-2018-20548

There is an illegal WRITE memory access at common-image.c function loadimage in libcaca 0.99.beta19 for 1bpp data...

CVE-2018-5861

CVE-2018-5861 is documented as a heap-overflow risk in CAF Android bootloader code using the Linux kernel, affecting Android for MSM/QRD Android builds with Qualcomm bootloaders. The vulnerability arises from incomplete partition-size checks during loading of secure applications, with CVSS v3.0 i...

CVE-2018-5861

In all android releasesAndroid for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, existing checks in place on partition size are incomplete and can lead to heap overwrite vulnerabilities while loading a secure application from the boot loader...

Design/Logic Flaw

Lack of CORS checking by ResourceFetcher/ResourceLoader in Blink in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

Exploit kits: fall 2018 review

Exploit kit EK activity continues to surprise us as the weather cools, the leaves change, and we move into the fall of 2018. Indeed, shortly after our summer review, a new exploit kit was discovered, and while no new vulnerabilities were added to the current EKs, several malvertising chains are...

Information Disclosure

react-styleguidist is vulnerable to information disclosure. Source file paths are leaked the processComponent in loaders/styleguide-loader.js, which would provide remote attackers information to perform further attacks...

The vulnerability of the BIOS loader of the Hyper-V hardware virtualization platform for Windows operating systems allows a hacker to circumvent built-in security restrictions.

The vulnerability of the BIOS loader of Hyper-V hardware virtualization systems for Windows operating systems arises from the unstable provision of high entropy during loading. Exploiting this vulnerability allows a remote attacker to circumvent built-in security restrictions...

Information disclosure

Fuji Electric Alpha5 Smart Loader Versions 3.7 and prior. A buffer overflow information disclosure vulnerability occurs when parsing certain file types...