FreeBSD : FreeBSD -- ipfw invalid mbuf handling (33edcc56-83f2-11ea-92ab-00163e433440)

Incomplete packet data validation may result in accessing out-of-bounds memory CVE-2019-5614 or may access memory after it has been freed CVE-2019-15874. Impact : Access to out of bounds or freed mbuf data can lead to a kernel panic or other unpredictable results. C Tenable Network Security, Inc...

Buffer Overflow Vulnerability in Multiple NETGEAR Products (CNVD-2021-61059)

NETGEAR EX7000 and others are a wireless router from NETGEAR USA. A buffer overflow vulnerability exists in multiple NETGEAR products. The vulnerability stems from a network system or product that does not properly validate data boundaries when performing operations on memory, resulting in...

Microsoft Windows Hyper-V Elevation of Privilege Vulnerability (CNVD-2020-31546)

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation, U.S.A. Microsoft Windows is a set of operating systems for personal devices.Microsoft Windows Server is a set of server operating systems. Windows Hyper-V is one of the virtualization products that supports...

About the security content of iOS 12.4.2 - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...

OSSEC-HIDS Server Component Buffer Overflow Vulnerability

OSSEC-HIDS is an open source intrusion detection tool. A buffer overflow vulnerability exists in the OSSEC-HIDS server component. The vulnerability originates when a network system or product performs operations on memory without properly validating data boundaries, resulting in incorrect read an...

CVE-2020-8517

An issue was discovered in Squid before 4.10. Due to incorrect input validation, the NTLM authentication credentials parser in extlmgroupacl may write to memory outside the credentials buffer. On systems with memory access protections, this can result in the helper process being terminated...

jhead heap buffer overflow vulnerability

jhead is a tool for modifying JPEG file information. A buffer overflow vulnerability exists in the 'Get32' function in jhead 3.04 and earlier. The vulnerability stems from a networked system or product performing operations in memory without properly validating data boundaries, resulting in...

Static HTTP Server Buffer Overflow Vulnerability

Static HTTP Server is a static HTTP server. A buffer overflow vulnerability exists in Static HTTP Server version 1.0. The vulnerability stems from a network system or product performing operations in memory without properly validating data boundaries, resulting in incorrect read and write...

Multiple Apple Products CoreAudio Component Out-of-Bounds Read Vulnerability

Apple iOS is a product of Apple Inc. Apple iOS is an operating system developed for mobile devices. apple tvOS is a smart TV operating system. apple watchOS is a smart watch operating system. coreAudio is a core audio component. An out-of-bounds read vulnerability exists in the CoreAudio componen...

Linux kernel buffer overflow vulnerability (CNVD-2019-45882)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A buffer overflow vulnerability exists in the Linux kernel. The vulnerability arises from a networked system or product performing operations in memory without properl...

Intel PROSet/Wireless WiFi Software Buffer Overflow Vulnerability

Intel PROSet/Wireless WiFi Software is a wireless network card driver from Intel USA. A buffer overflow vulnerability exists in Intel PROSet/Wireless WiFi Software versions prior to 21.40, which arises when a network system or product performs an operation in memory without properly validating th...

freeFTPd Buffer Overflow Vulnerability

freeFTPd is an open source FTP File Transfer Protocol server. A buffer overflow vulnerability exists in freeFTPd version 1.0.8. The vulnerability stems from a network system or product performing operations in memory without properly validating data boundaries, resulting in incorrect read and wri...

Linux kernel buffer overflow vulnerability (CNVD-2019-46989)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A buffer overflow vulnerability exists in the HID driver in versions of Linux kernel prior to 5.3.9. The vulnerability arises from a networked system or product that...

About the security content of macOS Mojave 10.14.6 Supplemental Update 2, Security Update 2019-005 High Sierra, and Security Update 2019-005 Sierra

About the security content of macOS Mojave 10.14.6 Supplemental Update 2, Security Update 2019-005 High Sierra, and Security Update 2019-005 Sierra This document describes the security content of macOS Mojave 10.14.6 Supplemental Update 2, Security Update 2019-005 High Sierra, and Security Update...

Microsoft Edge Information Disclosure Vulnerability (CNVD-2019-27427)

Microsoft Edge is a web browser from the American company Microsoft that comes with systems after Windows 10. An information disclosure vulnerability exists in Microsoft Edge, which arises from the program failing to properly validate memory objects. An attacker could exploit the vulnerability to...

Net-SNMP Buffer Overflow Vulnerability

Net-SNMP is an open source Simple Network Management Protocol SNMP software. The software is used to monitor network devices, computer devices, UPS devices and so on. A buffer overflow vulnerability exists in Net-SNMP version 5.8. The vulnerability originates when a network system or product...

MAPLE Computer WBT SNMP Administrator Remote Buffer Overflow Vulnerability

MAPLE WBT SNMP Administrator is a thin client management program. A buffer error vulnerability exists in the SnmpAdm.exe file in MAPLE WBT SNMP Administrator version v2.0.195.15. The vulnerability stems from a network system or product performing operations in memory without properly validating...

Linux/x86 - ASCII AND, SUB, PUSH, POPAD Encoder Shellcode

!/usr/bin/env python3 INTRODUCTION Encoder Title: ASCII shellcode encoder via AND, SUB, PUSH, POPAD Date: 26.6.2019 Encoder Author: Petr Javorik, www.mmquant.net Tested on: Linux ubuntu 3.13.0-32-generic, x86 Special thx to: Corelanc0d3r for intro to this technique Description: This encoder is...

Intel NUC Kit Buffer Overflow Vulnerability (CNVD-2019-42731)

The Intel NUC Kit is a small desktop computer from Intel Corporation USA. A buffer error vulnerability exists in the system firmware in the Intel NUC Kit. The vulnerability originates when a networked system or product performs an operation on memory without properly validating data boundaries,...

Microsoft Windows Jet Database Engine Buffer Overflow Vulnerability (CNVD-2019-17525)

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. Windows Jet Database Engine is one of the database engines. A buffer error vulnerability...