postgresql: Memory disclosure in INSERT ... ON CONFLICT ... DO UPDATE

A flaw was found in postgresql. Using an INSERT ... ON CONFLICT ... DO UPDATE command on a purpose-crafted table, an authenticated database user could read arbitrary bytes of server memory. The highest threat from this vulnerability is to data confidentiality...

Apple macOS 缓冲区错误漏洞

Apple macOS is a specialized operating system from Apple Inc. developed for Mac computers. A buffer error vulnerability exists in the model IO component of Apple MacOS, which stems from a boundary condition due to the model IO subsystem. A remote attacker can exploit this vulnerability to create ...

PostgreSQL 缓冲区错误漏洞

PostgreSQL is a free object-relational database management system from the PostgreSQL organization. The system supports most of the SQL standards and provides many other features such as foreign keys, triggers, views, and more. A buffer error vulnerability exists in PostgreSQL. An attacker can re...

UBUNTU-CVE-2021-32029

A flaw was found in postgresql. Using an UPDATE ... RETURNING command on a purpose-crafted table, an authenticated database user could read arbitrary bytes of server memory. The highest threat from this vulnerability is to data confidentiality...

GPAC 缓冲区错误漏洞

GPAC is a multimedia framework for rich media and distributed under the LGPL license. A memory leak vulnerability exists in the gfhintertracknew function in GPAC version 1.0.1. An attacker can exploit this vulnerability to read memory via specially crafted files...

Siemens SIMOTICS CONNECT 400 Denial of Service Vulnerability

SIMOTICS CONNECT 400 is a connector and sensor box mounted on a low-voltage motor that provides analysis data for the MindSphere application SIDRIVE IQ Fleet. A denial of service vulnerability exists in the Siemens SIMOTICS CONNECT 400 due to a failure of the DNS domain name tag resolution functi...

PT-2020-6372 · Schneider Electric · Modicon M580 +3

Name of the Vulnerable Software and Affected Versions: Modicon M580 affected versions not specified Modicon M340 affected versions not specified Legacy Controllers Modicon Quantum affected versions not specified Modicon Premium affected versions not specified Description: A vulnerability exists...

Linux kernel buffer over-read vulnerability

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A buffer over-read vulnerability exists in the fbcon code in Linux kernel versions prior to 5.8.15. A local attacker...

CVE-2020-24242

In Netwide Assembler NASM 2.15rc10, SEGV can be triggered in toktext in asm/preproc.c by accessing READ memory...

chromium-browser: Out of bounds read in WebGL

Out of bounds read in WebGL in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

CVE-2020-24242

In Netwide Assembler NASM 2.15rc10, SEGV can be triggered in toktext in asm/preproc.c by accessing READ memory...

CVE-2020-24242

In Netwide Assembler NASM 2.15rc10, SEGV can be triggered in toktext in asm/preproc.c by accessing READ memory...

CVE-2020-24242

In Netwide Assembler NASM 2.15rc10, SEGV can be triggered in toktext in asm/preproc.c by accessing READ memory...

CVE-2020-24242

In Netwide Assembler NASM 2.15rc10, SEGV can be triggered in toktext in asm/preproc.c by accessing READ memory...

Google Chrome Information Disclosure Vulnerability (CNVD-2019-46424)

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from an information disclosure vulnerability. An attacker can exploit this vulnerability to obtain sensitive information from process memory with the help of specially crafted HTML pages...

SUSE SLED12 / SLES12 Security Update : libcaca (SUSE-SU-2019:2745-1)

This update for libcaca fixes the following issues : Security issues fixed : CVE-2018-20544: Fixed a floating point exception at caca/dither.c bsc1120502 CVE-2018-20545: Fixed a WRITE memory access in the loadimage function at common-image.c for 4bpp bsc1120584 CVE-2018-20546: Fixed a READ memory...

CVE-2018-20547

There is an illegal READ memory access at caca/dither.c function getrgbadefault in libcaca 0.99.beta19 for 24bpp data...

CVE-2018-20546

There is an illegal READ memory access at caca/dither.c function getrgbadefault in libcaca 0.99.beta19 for the default bpp case...

CVE-2018-19497

In The Sleuth Kit TSK through 4.6.4, hfscattraverse in tsk/fs/hfs.c does not properly determine when a key length is too large, which allows attackers to cause a denial of service SEGV on unknown address with READ memory access in a tskgetu16 call in hfsdiropenmetacb in tsk/fs/hfsdent.c...

[ASA-201811-17] libtiff: multiple issues

Arch Linux Security Advisory ASA-201811-17 ========================================== Severity: High Date : 2018-11-20 CVE-ID : CVE-2017-9935 CVE-2017-11613 CVE-2018-18557 CVE-2018-18661 Package : libtiff Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-790 Summary...