Important: kernel

Issue Overview: An issue where a provided address with accessok is not checked was discovered in i915gemexecbuffer2ioctl in drivers/gpu/drm/i915/i915gemexecbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary kernel memory...

CVE-2020-0235

In crusspsharedioctl we first copy 4 bytes from userdata into "size" variable, and then use that variable as the size parameter for "copyfromuser", ending up overwriting memory following "crussphdr". "crussphdr" is a static variable, of type "struct crusspioctlheader".Product: AndroidVersions:...

Design/Logic Flaw

In crusspsharedioctl we first copy 4 bytes from userdata into "size" variable, and then use that variable as the size parameter for "copyfromuser", ending up overwriting memory following "crussphdr". "crussphdr" is a static variable, of type "struct crusspioctlheader".Product: AndroidVersions:...

CVE-2020-0235

CVE-2020-0235 affects Android’s kernel, specifically the crus_sp_shared_ioctl path where 4 bytes are copied from userdata into the size variable and then used as the size for copy_from_user, overwriting memory following crus_sp_hdr (a static struct crus_sp_ioctl_header). This memory corruption ca...

FreeBSD Competitive Conditions Issue Loophole

FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. FreeBSD contains a Competitive Condition Problem vulnerability, which stems from a cryptodev module that allows data structures in the kernel to be re-exploited after they have been freed, and can be exploited by an...

CVE-2020-12751

An issue was discovered on Samsung mobile devices with O8.X, P9.0, and Q10.0 software. The Quram image codec library allows attackers to overwrite memory and execute arbitrary code via crafted JPEG data that is mishandled during decoding. The Samsung ID is SVE-2020-16943 May 2020...

CVE-2020-12751

An issue was discovered on Samsung mobile devices with O8.X, P9.0, and Q10.0 software. The Quram image codec library allows attackers to overwrite memory and execute arbitrary code via crafted JPEG data that is mishandled during decoding. The Samsung ID is SVE-2020-16943 May 2020...

Code injection

An issue was discovered on Samsung mobile devices with O8.X, P9.0, and Q10.0 software. The Quram image codec library allows attackers to overwrite memory and execute arbitrary code via crafted JPEG data that is mishandled during decoding. The Samsung ID is SVE-2020-16943 May 2020...

CVE-2020-12751

CVE-2020-12751 affects Samsung mobile devices running O(8.X), P(9.0), and Q(10.0). The Quram image codec library is vulnerable to memory overwrite via crafted JPEG data during decoding, enabling arbitrary code execution on impact. Public sources (NVD, Red Hat, CNVD, and related CVE records) consi...

EulerOS Virtualization 3.0.2.2 : python-pillow (EulerOS-SA-2020-1473)

According to the versions of the python-pillow package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Pillow before 3.3.2 allows context-dependent attackers to obtain sensitive information by using the 'crafted image file'...

CVE-2020-11600

An issue was discovered on Samsung mobile devices with Q10.0 software. There is arbitrary code execution in the Fingerprint Trustlet via a memory overwrite. The Samsung IDs are SVE-2019-16587, SVE-2019-16588, SVE-2019-16589 April 2020...

CVE-2020-11600

An issue was discovered on Samsung mobile devices with Q10.0 software. There is arbitrary code execution in the Fingerprint Trustlet via a memory overwrite. The Samsung IDs are SVE-2019-16587, SVE-2019-16588, SVE-2019-16589 April 2020...

Code injection

An issue was discovered on Samsung mobile devices with Q10.0 software. There is arbitrary code execution in the Fingerprint Trustlet via a memory overwrite. The Samsung IDs are SVE-2019-16587, SVE-2019-16588, SVE-2019-16589 April 2020...

CVE-2020-11600

An issue was discovered on Samsung mobile devices with Q10.0 software. There is arbitrary code execution in the Fingerprint Trustlet via a memory overwrite. The Samsung IDs are SVE-2019-16587, SVE-2019-16588, SVE-2019-16589 April 2020...

CVE-2020-10860

An issue was discovered in Avast Antivirus before 20. An Arbitrary Memory Address Overwrite vulnerability in the aswAvLog Log Library results in Denial of Service of the Avast Service AvastSvc.exe...

CVE-2019-20537

An issue was discovered on Samsung mobile devices with P9.0 TEEGRIS and Qualcomm chipsets. There is arbitrary memory overwrite in the SEM Trustlet, leading to arbitrary code execution. The Samsung IDs are SVE-2019-14651, SVE-2019-14666 November 2019...

CVE-2019-20537

An issue was discovered on Samsung mobile devices with P9.0 TEEGRIS and Qualcomm chipsets. There is arbitrary memory overwrite in the SEM Trustlet, leading to arbitrary code execution. The Samsung IDs are SVE-2019-14651, SVE-2019-14666 November 2019...

Code injection

An issue was discovered on Samsung mobile devices with P9.0 TEEGRIS and Qualcomm chipsets. There is arbitrary memory overwrite in the SEM Trustlet, leading to arbitrary code execution. The Samsung IDs are SVE-2019-14651, SVE-2019-14666 November 2019...

CVE-2019-20537

An issue was discovered on Samsung mobile devices with P9.0 TEEGRIS and Qualcomm chipsets. There is arbitrary memory overwrite in the SEM Trustlet, leading to arbitrary code execution. The Samsung IDs are SVE-2019-14651, SVE-2019-14666 November 2019...

EulerOS 2.0 SP8 : httpd (EulerOS-SA-2020-1155)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Apache HTTP Server 2.4.32-2.4.39, when modremoteip was configured to use a trusted intermediary proxy server using the 'PROXY' protocol, a...