925 matches found
Input validation
The bfdcacheclose function in bfd/cache.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause a heap use after free and possibly achieve code execution via a crafted nested archive file. This issue occurs because...
CVE-2017-12448
The bfdcacheclose function in bfd/cache.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause a heap use after free and possibly achieve code execution via a crafted nested archive file. This issue occurs because...
The vulnerability of the `gdImageWebPtr` function in the GD Graphics Library allows attackers to exert undefined effects.
The vulnerability of the gdImageWebPtr function in the GD Graphics Library is related to the repeated release of memory. Exploiting this vulnerability can allow an attacker, operating remotely, to cause unpredictable effects by using large values for width and height...
Huawei P10 Plus Mobile Touchscreen Driver Memory Repeatedly Released Vulnerability
Huawei P10 Plus is a smartphone device from Chinese company Huawei Huawei. A memory duplicate release vulnerability exists in the touchscreen driver of the Huawei P10 Plus phone. An attacker who has gained root access to Android induces the user to install a malicious mobile application, which ca...
The vulnerability of the console-based graphic editor ImageMagick, which allows a hacker to trigger a service failure
The vulnerability of the console-based graphic editor ImageMagick is related to the repeated release of memory. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause a service failure termination of the application through the use of a specially created tga forma...
Reverse Safety series: Use After Free vulnerability analysis-vulnerability warning-the black bar safety net
One, Foreword Thinking the next step is to write a use after free small summary, just happened to be the nearest Lake Gordon Cup 2016 the one.---- game Use the use after free can be out. This title is their first in more formal competitions, make pwn title, do this question of time spent a lot, t...
unsorted bin attack analysis-vulnerability warning-the black bar safety net
One, Foreword This is before that article overflow using the FILE structure of the follow-up article, mentioned earlier is for the Shanghai network security contest pwn450 of technology to write articles, a total of two techniques, one is the overflow using the FILE structure of the body, one is...
The vulnerability of the Firefox browser, which allows a remote attacker to trigger a service failure
The vulnerability of Firefox’s browser in the webrtc::VPMContentAnalysis::Release function of the WebRTC component lies in the use of incompatible methods for releasing memory allocated for storing simple-type arrays. Exploiting this vulnerability allows a malicious actor to trigger a service...
The vulnerability of the Cisco Wireless LAN Controller 2000 software allows a malicious individual to cause service failure.
Vulnerability exists in Cisco Wireless LAN Controller WLC devices due to improper memory release. This allows malicious actors operating remotely to trigger a service failure by sending frequent WebAuth authorization requests...
The vulnerability of the Cisco Wireless LAN Controller 2100 software allows a malicious individual to cause service failure.
Vulnerability exists in Cisco Wireless LAN Controller WLC devices due to improper memory release. This allows malicious actors operating remotely to trigger a service failure by sending frequent WebAuth authorization requests...
The vulnerability of the Cisco Wireless LAN Controller 4100 software allows a malicious individual to cause service failure.
Vulnerability exists in Cisco Wireless LAN Controller WLC devices due to improper memory release. This allows malicious actors operating remotely to trigger a service failure by sending frequent WebAuth authorization requests...
The vulnerability of the Cisco Wireless LAN Controller 2500 software allows a malicious individual to cause service failure.
Vulnerability exists in Cisco Wireless LAN Controller WLC devices due to improper memory release. This allows malicious actors operating remotely to trigger a service failure by sending frequent WebAuth authorization requests...
The vulnerability of the Cisco Wireless LAN Controller 5500 software allows a malicious individual to cause service failure.
Vulnerability exists in Cisco Wireless LAN Controller WLC devices due to improper memory release. This allows malicious actors operating remotely to trigger a service failure by sending frequent WebAuth authorization requests...
The vulnerability of the Cisco Wireless LAN Controller 4400 software allows a malicious individual to cause service failure.
Vulnerability exists in Cisco Wireless LAN Controller WLC devices due to improper memory release. This allows malicious actors operating remotely to trigger a service failure by sending frequent WebAuth authorization requests...
CVE-2015-8340
The memoryexchange function in common/memory.c in Xen 3.2.x through 4.6.x does not properly release locks, which might allow guest OS administrators to cause a denial of service deadlock or host crash via unspecified vectors, related to XENMEMexchange error handling...
OpenSSL Competitive Conditional Denial of Service Vulnerability
OpenSSL is an open source implementation of SSL for strong encryption of network communications. A security vulnerability exists in OpenSSL, which can be exploited by a remote attacker to send a special PSK identity that triggers a contention condition and then triggers two releases of memory,...
Microsoft Excel ASLR Bypass (MS15-070; CVE-2015-2375)
A security feature bypass vulnerability exists in Microsoft Excel. The vulnerability is caused when memory is released in an unintended manner. A remote attacker can exploit this issue by enticing a target user to open a specially crafted Excel file...
The vulnerability of the Flash Player software, which allows a violator to execute arbitrary code
The vulnerability of the Flash Player software arises from the repeated release of memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the Flash Player software, which allows a violator to execute arbitrary code
The vulnerability of the Flash Player software arises from the repeated release of memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the Flash Player software, which allows a violator to execute arbitrary code
The vulnerability of the Flash Player software arises from the repeated release of memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...