910 matches found
The vulnerability of the Windows operating system allows a perpetrator to obtain confidential information from the process memory.
The vulnerability of the Uniscribe component of the Windows operating system is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor, acting remotely, to obtain confidential information from the process’s memory through a specially crafted web...
CVE-2017-0092
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability." CVE-2017-0085, CVE-2017-0091, CVE-2017-0111,...
CVE-2017-0060
The Graphics Device Interface GDI in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information from process memory via a...
kernel: infiniband: Unprivileged process can overwrite kernel memory using rdma_ucm.ko
A flaw was found in the way certain interfaces of the Linux kernel's Infiniband subsystem used write as bi-directional ioctl replacement, which could lead to insufficient memory security checks when being invoked using the splice system call. A local unprivileged user on a system with either...
mDNSResponder Buffer Overflow Vulnerability (CNVD-2016-04181)
mDNSResponder is a product that provides unicast and multicast mDNS services for UNIX-like operating systems. A buffer overflow vulnerability exists in mDNSResponder version 379.27 and versions prior to 625.41.2 that stems from multiple functions GetValueForIPv4Addr, GetValueForMACAddr,...
SUSE SLED11 / SLES11 Security Update : libxml2 (SUSE-SU-2016:0187-1)
This update for libxml2 fixes the following security issue : - CVE-2015-8710: Parsing short unclosed HTML comment could cause uninitialized memory access, which allowed remote attackers to read contents from previous HTTP requests depending on the application bsc960674 Note that Tenable Network...
The vulnerability of the Firefox ESR browser, which allows a hacker to influence the operation of the program
The vulnerability of the nsZipArchive::BuildFileList function, which allows access to arbitrary memory cells, is related to code errors in Firefox ESR browsers. Exploiting this vulnerability could enable a malicious actor to manipulate the program’s behavior remotely by using a specially crafted...
Mozilla: Vulnerabilities found through code inspection (MFSA 2015-66)
nsZipArchive.cpp in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to have an unspecified impact via a crafted ZIP archive...
UBUNTU-CVE-2014-2739
The cmareqhandler function in drivers/infiniband/core/cma.c in the Linux kernel 3.14.x through 3.14.1 attempts to resolve an RDMA over Converged Ethernet aka RoCE address that is properly resolved within a different module, which allows remote attackers to cause a denial of service incorrect...
CVE-2010-2965
The WDB target agent debug service in Wind River VxWorks 6.x, 5.x, and earlier, as used on the Rockwell Automation 1756-ENBT series A with firmware 3.2.6 and 3.6.1 and other products, allows remote attackers to read or modify arbitrary memory locations, perform function calls, or manage tasks via...