577 matches found
UBUNTU-CVE-2020-14375
A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Virtio ring descriptors, and the data they describe are in a region of memory accessible by from both the virtual machine and the host. An attacker in a VM can change the contents of the memory after vhostcrypto has validate...
[SECURITY] Fedora 32 Update: podofo-0.9.6-11.fc32
PoDoFo is a library to work with the PDF file format. The name comes from the first letter of PDF Portable Document Format. A few tools to work with PDF files are already included in the PoDoFo package. The PoDoFo library is a free, portable C++ library which includes classes to parse PDF files a...
CVE-2020-7457
In FreeBSD 12.1-STABLE before r359565, 12.1-RELEASE before p7, 11.4-STABLE before r362975, 11.4-RELEASE before p1, and 11.3-RELEASE before p11, missing synchronization in the IPV62292PKTOPTIONS socket option set handler contained a race condition allowing a malicious application to modify memory...
Race condition
In FreeBSD 12.1-STABLE before r359565, 12.1-RELEASE before p7, 11.4-STABLE before r362975, 11.4-RELEASE before p1, and 11.3-RELEASE before p11, missing synchronization in the IPV62292PKTOPTIONS socket option set handler contained a race condition allowing a malicious application to modify memory...
CVE-2020-7457
In FreeBSD 12.1-STABLE before r359565, 12.1-RELEASE before p7, 11.4-STABLE before r362975, 11.4-RELEASE before p1, and 11.3-RELEASE before p11, missing synchronization in the IPV62292PKTOPTIONS socket option set handler contained a race condition allowing a malicious application to modify memory...
CVE-2020-7457
CVE-2020-7457 concerns a missing synchronization in the FreeBSD IPV6_2292PKTOPTIONS set handler (setsockopt), causing a race against freed memory in the ip6_pktopts path. Impact described as potential memory corruption and privilege escalation. Affected lines include FreeBSD stable/12 and stable/...
Apple iOS, iPadOS and watchOS Mail component buffer overflow vulnerability (CNVD-2020-33207)
Apple iOS and others are products of Apple Inc.Apple iOS is an operating system developed for mobile devices.Apple watchOS is an operating system for smartwatches.Apple iPadOS is an operating system for iPad tablets.Mail is one of the email components. A buffer overflow vulnerability exists in th...
CVE-2020-9818
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, iOS 12.4.7, watchOS 6.2.5. Processing a maliciously crafted mail message may lead to unexpected memory modification or application termination...
Design/Logic Flaw
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, iOS 12.4.7, watchOS 6.2.5. Processing a maliciously crafted mail message may lead to unexpected memory modification or application termination...
CVE-2020-9818
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, iOS 12.4.7, watchOS 6.2.5. Processing a maliciously crafted mail message may lead to unexpected memory modification or application termination...
CVE-2020-9818
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, iOS 12.4.7, watchOS 6.2.5. Processing a maliciously crafted mail message may lead to unexpected memory modification or application termination...
CVE-2020-9818
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, iOS 12.4.7, watchOS 6.2.5. Processing a maliciously crafted mail message may lead to unexpected memory modification or application termination. Recent assessments: Assessed...
PT-2022-8868 · Radare2 +1 · Radare2 +1
Name of the Vulnerable Software and Affected Versions: radare2 affected versions not specified Description: A double free issue was discovered in the cmd info function, located in cmd info.c. This issue could potentially allow modification of unexpected memory locations, leading to a crash...
About the security content of iOS 12.4.7 - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...
VulnCheck KEV: CVE-2020-9818
Apple iOS, iPadOS, and watchOS Mail contains an out-of-bounds write vulnerability which may allow memory modification or application termination when processing a maliciously crafted mail message...
Privilege Escalation
kernel is vulnerable to privilege escalation. A local user is able to obtain root privileges and modify kernel memory locations to write to the /sys/kernel/debug/acpi/custommethod file...
CVE-2019-19398
M5 lite 10 with versions of 8.0.0.182C00 have an insufficient input validation vulnerability. Due to the input validation logic is incorrect, an attacker can exploit this vulnerability to modify the memory of the device by doing a series of operations. Successful exploit may lead to malicious cod...
CVE-2019-19398
M5 lite 10 with versions of 8.0.0.182C00 have an insufficient input validation vulnerability. Due to the input validation logic is incorrect, an attacker can exploit this vulnerability to modify the memory of the device by doing a series of operations. Successful exploit may lead to malicious cod...
Input validation
M5 lite 10 with versions of 8.0.0.182C00 have an insufficient input validation vulnerability. Due to the input validation logic is incorrect, an attacker can exploit this vulnerability to modify the memory of the device by doing a series of operations. Successful exploit may lead to malicious cod...
CVE-2019-19398
The CVE-2019-19398 entry relates to Huawei M5 lite 10 devices, specifically version 8.0.0.182(C00). The root cause is insufficient input validation in the device’s software, allowing an attacker to modify memory through a sequence of operations, with the potential to execute malicious code. Publi...