128 matches found
DEBIAN-CVE-2022-30785
A file handle created in fuselibopendir, and later used in fuselibreaddir, enables arbitrary memory read and write operations in NTFS-3G through 2021.8.22 when using libfuse-lite...
ALPINE-CVE-2022-30785
A file handle created in fuselibopendir, and later used in fuselibreaddir, enables arbitrary memory read and write operations in NTFS-3G through 2021.8.22 when using libfuse-lite...
CVE-2021-3839
A flaw was found in the vhost library in DPDK. Function vhostusersetinflightfd does not validate msg-payload.inflight.numqueues, possibly causing out-of-bounds memory read/write. Any software using DPDK vhost library may crash as a result of this vulnerability. Mitigation Mitigation for this issu...
3S-Smart Software Solutions CODESYS Control 安全漏洞
3s-smart Software Solutions CODESYS Control is a suite of industrial control program programming software from 3S-Smart Software Solutions 3s-smart Software Solutions, Germany. A security vulnerability exists in 3S-Smart Software Solutions CODESYS Control that allows any system user to read and...
CVE-2021-36133
The OPTEE-OS CSU driver for NXP i.MX SoC devices lacks security access configuration for several models, resulting in TrustZone bypass because the NonSecure World can perform arbitrary memory read/write operations on Secure World memory. This involves a DMA capable peripheral...
SAP Netweaver 缓冲区错误漏洞
SAP Netweaver is a service oriented, integrated application platform from SAP Germany that provides a development and runtime environment for SAP applications. SAP Netweaver is vulnerable to an input validation error that results from a network system or product that does not properly validate da...
3S-Smart Software Solutions CODESYS V2 Web-Server 安全漏洞
3S-Smart Software Solutions CODESYS V2 Web-Server is an application from 3S-Smart Software Solutions, Germany. A web server. A buffer overflow vulnerability exists in 3S-Smart Software Solutions CODESYS V2 Web-Server versions prior to 1.1.9.20, which can be exploited by an attacker with the help ...
QNAP NAS devices buffer error vulnerability
A buffer error vulnerability exists in QNAP NAS devices that originates when a network system or product performs an operation in memory without properly validating data boundaries, resulting in an incorrect read or write operation being performed to an associated other memory location. An attack...
Intel XTU Security Vulnerability
A buffer error vulnerability exists in Intel XTU that originates when a networked system or product performs an operation in memory without properly validating the data boundaries, resulting in incorrect read and write operations being performed to other memory locations in the association. An...
CVE-2020-27485
Garmin Forerunner 235 before 8.20 is affected by: Array index error. The component is: ConnectIQ TVM. The attack vector is: To exploit the vulnerability, the attacker must upload a malicious ConnectIQ application to the ConnectIQ store. The ConnectIQ program interpreter fails to check the index...
CVE-2020-28343
An issue was discovered on Samsung mobile devices with P9.0 and Q10.0 Exynos 980, 9820, and 9830 chipsets software. The NPU driver allows attackers to execute arbitrary code because of unintended write and read operations on memory. The Samsung ID is SVE-2020-18610 November 2020...
Safari in Operator Side Effect Exploit
This module exploits an incorrect side-effect modeling of the 'in' operator. The DFG compiler assumes that the 'in' operator is side-effect free, however the element with the PDF plugin provides a callback that can trigger side-effects leading to type confusion CVE-2020-9850. The type confusion c...
JITSploitation II: Getting Read/Write
Posted by Samuel Groß, Project Zero This three-part series highlights the technical challenges involved in finding and exploiting JavaScript engine vulnerabilities in modern web browsers and evaluates current exploit mitigation technologies. The exploited vulnerability, CVE-2020-9802, was fixed i...
CVE-2020-17360
An issue was discovered in ReadyTalk Avian 1.2.0. The vm::arrayCopy method defined in classpath-common.h contains multiple boundary checks that are performed to prevent out-of-bounds memory read/write. However, two of these boundary checks contain an integer overflow that leads to a bypass of the...
CVE-2020-17360
An issue was discovered in ReadyTalk Avian 1.2.0. The vm::arrayCopy method defined in classpath-common.h contains multiple boundary checks that are performed to prevent out-of-bounds memory read/write. However, two of these boundary checks contain an integer overflow that leads to a bypass of the...
Integer overflow
An issue was discovered in ReadyTalk Avian 1.2.0. The vm::arrayCopy method defined in classpath-common.h contains multiple boundary checks that are performed to prevent out-of-bounds memory read/write. However, two of these boundary checks contain an integer overflow that leads to a bypass of the...
FreeRDP Input Validation Error Vulnerability (CNVD-2020-31432)
FreeRDP is an open source implementation of the Remote Desktop Protocol RDP from the FreeRDP team. An input validation error vulnerability exists in the USB redirection channel in FreeRDP 2.0.0 and prior versions. An attacker can exploit this vulnerability to read or write arbitrary memory...
DEBIAN-CVE-2020-11039
In FreeRDP less than or equal to 2.0.0, when using a manipulated server with USB redirection enabled nearly arbitrary memory can be read and written due to integer overflows in length checks. This has been patched in 2.1.0...
kernel: malicious USB devices can lead to multiple out-of-bounds write
An out-of-bounds write flaw was found in the Linux kernel’s HID drivers. An attacker, able to plug in a malicious USB device, can crash the system or read and write to memory with an incorrect address...
CVE-2020-10565
grub2-bhyve, as used in FreeBSD bhyve before revision 525916 2020-02-12, does not validate the address provided as part of a memrw command read or write by a guest through a grub2.cfg file. This allows an untrusted guest to perform arbitrary read or write operations in the context of the grub-bhy...