108 matches found
CVE-2020-36151
Incorrect handling of input data in mysofaresamplerresetmem function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and overwriting large memory block...
CVE-2020-36150
Incorrect handling of input data in loudness function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and access to unallocated memory block...
PT-2020-13685
Name of the Vulnerable Software and Affected Versions Western Digital iNAND devices through 2020-06-03 Description A security issue has been identified in the Replay Protected Memory Block RPMB protocol, which is used by storage devices to secure trusted firmware. This issue can be exploited in...
CVE-2019-6857
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium see security notification for specific versions which could cause a Denial of Service of the controller when reading specific memory blocks using...
Pillow -- Multiple vulnerabilities
Pillow developers report: This release addresses several security problems, as well as addressing CVE-2019-19911. CVE-2019-19911 is regarding FPX images. If an image reports that it has a large number of bands, a large amount of resources will be used when trying to process the image. This is fix...
Schneider Electric Modicon M580 UMAS Read Memory Block Out Of Bounds Information Disclosure Vulnerability
Summary An exploitable information disclosure vulnerability exists in the UMAS memory block read functionality of the Schneider Electric Modicon M580 Programmable Automation Controller. A specially crafted UMAS request can cause an out of bounds read, resulting in disclosure of sensitive...
Schneider Electric Modicon M580 UMAS memory block read denial-of-service vulnerability
Summary An exploitable denial-of-service vulnerability exists in the UMAS memory block read function of the Schneider Electric Modicon M580 programmable automation controller, firmware version SV2.70. A specially crafted UMAS command can cause the device to enter a non-recoverable fault state,...
Schneider Electric Modicon M580 UMAS memory block write denial-of-service vulnerability
Summary An exploitable denial-of-service vulnerability exists in the UMAS memory block write functionality of the Schneider Electric Modicon M580 Programmable Automation Controller, firmware version SV2.70. A specially crafted UMAS command can cause the device to enter a non-recoverable fault...
Schneider Electric Modicon M580 UMAS read memory block information disclosure vulnerability
Summary An exploitable information disclosure vulnerability exists in the UMAS read memory block function of the Schneider Electric Modicon M580 programmable automation controller, firmware version SV2.70. A specially crafted UMAS command can cause the device to return blocks of memory, resulting...
Schneider Electric Modicon Illegal Memory Block Write Denial of Service Vulnerability
The Schneider Electric Modicon M580, M340 is a programmable automation controller. An illegal memory block write vulnerability exists in the Schneider Electric Modicon M580, M340, which allows remote attackers to exploit the vulnerability by submitting a specific request, which can be used in a...
CARPE (DIEM) Apache 2.4.x Local Privilege Escalation
?php CARPE DIEM: CVE-2019-0211 Apache Root Privilege Escalation Charles Fol @cfreal 2019-04-08 INFOS https://cfreal.github.io/carpe-diem-cve-2019-0211-apache-local-root.html USAGE 1. Upload exploit to Apache HTTP server 2. Send request to page 3. Await 6:25AM for logrotate to restart Apache 4...
Microsoft Windows - DfMarshal Unsafe Unmarshaling Privilege Escalation Exploit
Exploit for windows platform in category local exploits Windows: DfMarshal Unsafe Unmarshaling Elevation of Privilege Master Platform: Windows 10 1803 not tested earlier, although code looks similar on Win8+ Class: Elevation of Privilege Note, this is the master issue report for the DfMarshal...
Elevation of Privilege Vulnerability in Multiple Qualcomm Products
The Qualcomm SD 210 and others are central processing unit CPU products for mobile devices from Qualcomm Incorporated. An elevation of privilege vulnerability exists in multiple Qualcomm products. An attacker could exploit the vulnerability to remove the RPMB...
Design/Logic Flaw
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MSM8996, MSM8939, MSM8976, MSM8917, SDM845, and SDM660, access control collision vulnerability when accessing the replay protected memory block...
Code injection
The WStr::assign function in kso.dll in Kingsoft WPS Office 10.1.0.7106 and 10.2.0.5978 does not validate the size of the source memory block before an copy call, which allows remote attackers to cause a denial of service access violation and application crash via a crafted a web page, b office...
CVE-2017-17426
The malloc function in the GNU C Library aka glibc or libc6 2.26 could return a memory block that is too small if an attempt is made to allocate an object whose size is close to SIZEMAX, potentially leading to a subsequent heap overflow. This occurs because the per-thread cache aka tcache feature...
Integer overflow
The malloc function in the GNU C Library aka glibc or libc6 2.26 could return a memory block that is too small if an attempt is made to allocate an object whose size is close to SIZEMAX, potentially leading to a subsequent heap overflow. This occurs because the per-thread cache aka tcache feature...
CVE-2017-17426
The malloc function in the GNU C Library aka glibc or libc6 2.26 could return a memory block that is too small if an attempt is made to allocate an object whose size is close to SIZEMAX, potentially leading to a subsequent heap overflow. This occurs because the per-thread cache aka tcache feature...
CVE-2017-17426
The malloc function in the GNU C Library aka glibc or libc6 2.26 could return a memory block that is too small if an attempt is made to allocate an object whose size is close to SIZEMAX, potentially leading to a subsequent heap overflow. This occurs because the per-thread cache aka tcache feature...
CVE-2017-17426
CVE-2017-17426 affects the GNU C Library (glibc/libc6) up to version 2.26. The heap overflow arises from an integer overflow check missing in the per-thread cache (tcache) path when allocating an object near SIZE_MAX, potentially allowing code execution. Exploitation details are not provided in t...