1085 matches found
Design/Logic Flaw
OpenSSL 1.1.1 introduced a rewritten random number generator RNG. This was intended to include protection in the event of a fork system call in order to ensure that the parent and child processes did not share the same RNG state. However this protection was not being used in the default case. A...
CVE-2019-1549
OpenSSL 1.1.1 introduced a rewritten random number generator RNG. This was intended to include protection in the event of a fork system call in order to ensure that the parent and child processes did not share the same RNG state. However this protection was not being used in the default case. A...
CVE-2019-1549 Fork Protection
OpenSSL 1.1.1 introduced a rewritten random number generator RNG. This was intended to include protection in the event of a fork system call in order to ensure that the parent and child processes did not share the same RNG state. However this protection was not being used in the default case. A...
CVE-2019-10709
AsusPTPFilter.sys on Asus Precision TouchPad 11.0.0.25 hardware has a Pool Overflow associated with the \.\AsusTP device, leading to a DoS or potentially privilege escalation via a crafted DeviceIoControl call...
CVE-2019-10709
AsusPTPFilter.sys on Asus Precision TouchPad 11.0.0.25 hardware has a Pool Overflow associated with the \.\AsusTP device, leading to a DoS or potentially privilege escalation via a crafted DeviceIoControl call...
Design/Logic Flaw
AsusPTPFilter.sys on Asus Precision TouchPad 11.0.0.25 hardware has a Pool Overflow associated with the \.\AsusTP device, leading to a DoS or potentially privilege escalation via a crafted DeviceIoControl call...
CVE-2019-10709
CVE-2019-10709 affects Asus Precision TouchPad driver 11.0.0.25. A pool overflow in the AsusPTPFilter.sys/AsusTP device handling via DeviceIoControl (IOCTL 0x221408) with crafted input can trigger DoS and may enable elevation of privilege. Exploit samples show sending a 12048-byte payload to the ...
ASUS Asus Precision TouchPad Privilege Permission and Access Control Issues Vulnerability
ASUS Asus Precision TouchPad is a touchpad driver from Asus Taiwan, China. A security vulnerability exists in ASUS Asus Precision TouchPad version 11.0.0.25. The vulnerability can be exploited by an attacker to cause a denial of service and elevation of privilege...
Asus Precision TouchPad 11.0.0.25 - Denial of Service Exploit
!/usr/bin/python Exploit Title: Asus Precision TouchPad 11.0.0.25 - DoS/Privesc Exploit Author: Athanasios Tserpelis of Telspace Systems Vendor Homepage: https://www.asus.com Version: 11.0.0.25 Software Link : https://www.asus.com Contact: [email protected] Twitter: @telspacesystems Greets ...
Asus Precision TouchPad 11.0.0.25 Denial Of Service / Privilege Escalation
!/usr/bin/python Exploit Title: Asus Precision TouchPad 11.0.0.25 - DoS/Privesc Date: 29-08-2019 Exploit Author: Athanasios Tserpelis of Telspace Systems Vendor Homepage: https://www.asus.com Version: 11.0.0.25 Software Link : https://www.asus.com Contact: [email protected] Twitter:...
Asus Precision TouchPad 11.0.0.25 - Denial of Service
Asus Precision TouchPad 11.0.0.25 - Denial of Service !/usr/bin/python Exploit Title: Asus Precision TouchPad 11.0.0.25 - DoS/Privesc Date: 29-08-2019 Exploit Author: Athanasios Tserpelis of Telspace Systems Vendor Homepage: https://www.asus.com Version: 11.0.0.25 Software Link :...
Asus Precision TouchPad 11.0.0.25 - Denial of Service
!/usr/bin/python Exploit Title: Asus Precision TouchPad 11.0.0.25 - DoS/Privesc Date: 29-08-2019 Exploit Author: Athanasios Tserpelis of Telspace Systems Vendor Homepage: https://www.asus.com Version: 11.0.0.25 Software Link : https://www.asus.com Contact: [email protected] Twitter:...
The vulnerability of the Precision Time Protocol (PTP) implementation in the Cisco IOS operating system allows a hacker to trigger a service failure.
The vulnerability of the Precision Time Protocol PTP implementation in the Cisco IOS operating system is related to errors in processing PTP packets. Exploiting this vulnerability can allow a malicious actor to cause service failures by sending specially crafted PTP packets...
Insufficient Entropy In Key Generation Algorithm
The Network Time Protocol NTP is used to synchronize a computer's time with another referenced time source. It was found that because NTP's access control was based on a source IP address, an attacker could bypass source IP restrictions and send malicious control and configuration packets by...
Skia - Incorrect Convexity Assumptions Leading to Buffer Overflows Exploit
I was looking into the root cause of https://bugs.chromium.org/p/chromium/issues/detail?id=850350. In that bug, due to precision errors, Skia generated a concave RRect, but declared it convex. Later, the RRect was transformed with an affine transform and used as a clipping region for drawing...
Skia - Incorrect Convexity Assumptions Leading to Buffer Overflows
Skia - Incorrect Convexity Assumptions Leading to Buffer Overflows I was looking into the root cause of https://bugs.chromium.org/p/chromium/issues/detail?id=850350. In that bug, due to precision errors, Skia generated a concave RRect, but declared it convex. Later, the RRect was transformed with...
Skia - Incorrect Convexity Assumptions Leading to Buffer Overflows
I was looking into the root cause of https://bugs.chromium.org/p/chromium/issues/detail?id=850350. In that bug, due to precision errors, Skia generated a concave RRect, but declared it convex. Later, the RRect was transformed with an affine transform and used as a clipping region for drawing...
Authentication Bypass
openstack-keystone is vulnerable to authentication bypass. Remote authenticated users are able to retain access via an expired token due to the token driver storing timestamps with incorrect precision, which causes timestamp expiration time comparisons for tokens to fail...
CVE-2018-6153
A precision error in Skia in Google Chrome prior to 68.0.3440.75 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page...
CVE-2018-6126
A precision error in Skia in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page...