Qualcomm MDM9206 and MDM9607 Input Validation Error Vulnerability

The Qualcomm MDM9206 and MDM9607 are both central processing unit CPU products from Qualcomm Incorporated. An input validation error vulnerability exists in the Kernel in the Qualcomm MDM9206 and MDM9607. The vulnerability arises from a networked system or product that does not properly validate...

CVE-2020-2655

Vulnerability in the Java SE product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 11.0.5 and 13.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this...

Buffer overflow

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware component: Outside In Filters. The supported version that is affected is 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...

Fast8690-exploit

Sagemcom Fast 3890 exploit This exploit uses the Cable Haunt...

OpenJDK: Incorrect handling of nested jar: URLs in Jar URL handler (Networking, 8223892)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multip...

CVE-2019-11758

A flaw was found in the 360 Total Security code in Firefox and Thunderbird. Memory corruption is possible in the accessibility engine that could lead to an exploit to run arbitrary code. This vulnerability could be exploited over a network connection and would affect confidentiality and integrity...

UBUNTU-CVE-2019-15691

TigerVNC version prior to 1.10.1 is vulnerable to stack use-after-return, which occurs due to incorrect usage of stack memory in ZRLEDecoder. If decoding routine would throw an exception, ZRLEDecoder may try to access stack variable, which has been already freed during the process of stack...

UBUNTU-CVE-2019-15694

TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow, which could be triggered from DecodeManager::decodeRect. Vulnerability occurs due to the signdness error in processing MemOutStream. Exploitation of this vulnerability could potentially result into remote code execution. This...

Siemens SPPA-T3000 Heap Buffer Overflow Vulnerability (CNVD-2019-44776)

The SPPA-T3000 is a distributed control system mainly used in thermal power plants and large renewable energy power plants. A heap buffer overflow vulnerability exists in the Siemens SPPA-T3000. This allows an attacker with network access to the MS3000 server to cause a denial of service conditio...

WLAN component buffer overflow vulnerability in multiple Qualcomm products

Qualcomm MDM9206 and others are products of Qualcomm Incorporated.MDM9206 is a central processing unit CPU product.MDM9607 is a central processing unit CPU product.SDX20 is a modem.WLAN is one of the wireless LAN components. A buffer overflow vulnerability exists in the WLAN component of multiple...

wolfSSL buffer overflow vulnerability (CNVD-2019-41425)

wolfSSL formerly known as CyaSSL is the United States wolfSSL company for embedded systems developers to use a small, portable embedded SSL programming library. A buffer overflow vulnerability exists in the DecodedCert structure of GetName in wolfcrypt/src/asn.c file in wolfSSL versions 4.1.0...

Mozilla: Potentially exploitable crash due to 360 Total Security

A flaw was found in the 360 Total Security code in Firefox and Thunderbird. Memory corruption is possible in the accessibility engine that could lead to an exploit to run arbitrary code. This vulnerability could be exploited over a network connection and would affect confidentiality and integrity...

Mozilla: Stack buffer overflow in HKDF output

A flaw was discovered in both Firefox and Thunderbird where 4 bytes of a HMAC output could be written past the end of a buffer stored on the memory stack. This could allow an attacker to execute arbitrary code or lead to a crash. This flaw can be exploited over the network...

Mozilla: Stack buffer overflow in HKDF output

A flaw was discovered in both Firefox and Thunderbird where 4 bytes of a HMAC output could be written past the end of a buffer stored on the memory stack. This could allow an attacker to execute arbitrary code or lead to a crash. This flaw can be exploited over the network...

UBUNTU-CVE-2019-15682

RDesktop version 1.8.4 contains multiple out-of-bound access read vulnerabilities in its code, which results in a denial of service DoS condition. This attack appear to be exploitable via network connectivity. These issues have been fixed in version 1.8.5...

DEBIAN-CVE-2019-8287

TightVNC code version 1.3.10 contains global buffer overflow in HandleCoRREBBP macro function, which can potentially result code execution. This attack appear to be exploitable via network connectivity...

DEBIAN-CVE-2019-15681

LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak CWE-655 in VNC server code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. Thi...

CVE-2019-15680

TightVNC code version 1.3.10 contains null pointer dereference in HandleZlibBPP function, which results Denial of System DoS. This attack appear to be exploitable via network connectivity...

CVE-2019-15678

TightVNC code version 1.3.10 contains heap buffer overflow in rfbServerCutText handler, which can potentially result code execution.. This attack appear to be exploitable via network connectivity...

UBUNTU-CVE-2019-15678

TightVNC code version 1.3.10 contains heap buffer overflow in rfbServerCutText handler, which can potentially result code execution.. This attack appear to be exploitable via network connectivity...