925 matches found
The vulnerability of the zrle_compress_data function in the software for emulating hardware on various QEMU platforms arises from improper memory release before deleting the last reference. This allows a malicious actor to trigger a service failure.
The vulnerability of the zrlecompressdata function in the software for emulating hardware on various QEMU platforms is related to improper memory release before deleting the last pointer. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its...
Multiple Huawei products security vulnerabilities
Huawei CloudEngine 12800 and others are products of Huawei, China.Huawei CloudEngine 12800 is a 12800 series data center switch.Huawei Cloudengine 5800 is a 5800 series data center switch.Huawei Cloudengine 6800 is a 6800 series data center switch. A security vulnerability exists in multiple Huaw...
The vulnerability of the Junos operating system’s kernel allows a attacker to trigger an emergency shutdown of the application.
The vulnerability of the Junos operating system’s kernel is related to the improper release of memory before deleting the last reference. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause an unexpected termination of the application...
The vulnerability of the Fly print manager involves improper release of memory before deleting last-level links. This allows attackers to access confidential data, compromise its integrity, and cause service failures.
The vulnerability of the Print Manager Fly is related to the improper release of memory before deleting the last references. Exploiting this vulnerability can allow an attacker to access confidential data, compromise its integrity, and cause service failures...
The vulnerability of the ntpd implementation of the Network Time Synchronization Protocol allows a attacker to cause a service failure.
The vulnerability of the ntpd implementation of the NTP synchronization protocol is related to a memory release error. Exploiting this vulnerability can allow a remote attacker to cause a service failure...
The vulnerability of the exit_notify function in the Linux operating system’s kernel allows a hacker to execute arbitrary code.
The vulnerability of the exitnotify function in the Linux operating system’s kernel is related to a memory release error. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
RUSTSEC-2020-0017 Use after free in ArcIntern::drop
ArcIntern::drop has a race condition where it can release memory which is about to get another user. The new user will get a reference to freed memory. This was fixed by serializing access to an interned object while it is being deallocated. Versions prior to 0.3.12 used stronger locking which...
Use after free in ArcIntern::drop
ArcIntern::drop has a race condition where it can release memory which is about to get another user. The new user will get a reference to freed memory. This was fixed by serializing access to an interned object while it is being deallocated. Versions prior to 0.3.12 used stronger locking which...
The vulnerability of Huawei’s microprogrammed router software, related to the re-release of memory, allows a hacker to trigger a service failure.
The vulnerability of Huawei’s microprogrammed router software is related to the repeated release of memory. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...
EulerOS 2.0 SP5 : pyOpenSSL (EulerOS-SA-2020-1320)
According to the versions of the pyOpenSSL package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Python Cryptographic Authority pyopenssl version Before 17.5.0 contains a CWE - 401 : Failure to Release Memory Before Removing Last Reference...
Huawei NIP6800, Secospace USG6600 and USG9500 IPSec Module Repeated Memory Release Vulnerability
Huawei USG9500 and others are products of Huawei, China.USG9500 is a data center firewall product.NIP6800 is an intrusion prevention system.USG6600 is a data center firewall product. A security vulnerability exists in the IPSec module in the Huawei NIP6800, Secospace USG6600, and USG9500. An...
CVE-2019-19076
A flaw was found in the way the NFP4000/NFP6000 Advanced buffer management NIC driver in the Linux kernel handled memory release on error handling. This flaw allows an attacker to cause a denial of service and crash the system. Mitigation To mitigate this issue, prevent module nfp from being...
The vulnerability of the ath10k_usb_hif_tx_sg function in the Linux kernel’s drivers/net/wireless/ath/ath10k/usb.c file is related to improper memory release before removing last references. This allows a malicious actor to trigger a service failure.
The vulnerability of the ath10kusbhiftxsg function in the Linux kernel’s drivers/net/wireless/ath/ath10k/usb.c file is related to a lack of a memory release mechanism before deleting the last pointer. Exploiting this vulnerability allows an attacker to cause service failure remotely...
PHP Memory Location Double Release Vulnerability
PHP PHP: Hypertext Preprocessor, PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language jointly maintained by the PHPGroup and the open source community. The language is mainly used for Web development, supports a variety of databases and operating systems. A...
The vulnerability in the `png_create_info_struct` function of the PNG bitmap graphics library allows a attacker to cause a denial-of-service attack.
The vulnerability of the pngcreateinfostruct function in the library for working with PNG bitmap graphics in libpng is related to improper memory release before deleting the last reference. Exploiting this vulnerability can allow an attacker to cause service interruptions through various network...
CVE-2019-19051
A flaw was found in the way the Linux kernel's WiMAX i2400 driver handled memory release in certain error codes path in the RF kill switch control function. A local attacker able to control the device could use this flaw to crash the system. Mitigation As the i2400m module will be auto-loaded whe...
The vulnerability of Blink’s web page display mechanism in the Google Chrome web browser allows attackers to compromise data integrity, gain unauthorized access to protected information, and cause service interruptions.
The vulnerability of Blink’s web page display mechanism in the Google Chrome browser is related to the use of pointers after memory release. Exploiting this vulnerability could allow an attacker to compromise data integrity, gain unauthorized access to protected information, and cause service...
CVE-2019-12975
It was discovered that ImageMagick does not properly release acquired memory when some error conditions occur in the WriteDPXImage function. Applications compiled against ImageMagick libraries that accept untrustworthy images may be exploited to use all available memory and make them crash. An...
The vulnerability of the Linux operating system’s avma1cs_detach kernel driver allows a hacker to trigger a service failure.
The vulnerability of the driver/module in Linux operating systems, specifically the drivers/isdn/hisax/avma1cs.ko module, stems from memory release errors. Exploiting this vulnerability could allow an attacker to cause a system failure by disconnecting the PCMCIA device that emulates the AVM A1...
The vulnerability in the implementation of the ems_pcmciaremove handler in Linux kernel allows a hacker to trigger a service failure.
The vulnerability of the emspcmciaremove handler in the loaded module drivers/net/can/sja1000/emspcmcia.ko of the Linux kernel is related to the assignment of a null pointer. Exploiting this vulnerability can allow an attacker to cause a system failure when connecting and disconnecting an EMS...