1296 matches found
CVE-2019-10600
Use of local variable as argument to netlink CB callback goes out of it scope when callback triggered lead to invalid stack memory in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon...
Code injection
Use of local variable as argument to netlink CB callback goes out of it scope when callback triggered lead to invalid stack memory in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon...
CVE-2019-10600
Use of local variable as argument to netlink CB callback goes out of it scope when callback triggered lead to invalid stack memory in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon...
CVE-2019-10600
CVE-2019-10600 describes a use-after-scope issue where a local variable is passed as an argument to a netlink callback, causing invalid stack memory when the callback fires. Affected are Snapdragon families across many devices and SoCs (e.g., Snapdragon Auto/Consumer IOT/Industrial IOT, IoT, Mobi...
Important product security update: Virtuozzo 6.0 Update 12 Hotfix 49 (6.0.12-3754)
This update provides a security and a stability fix. Vulnerability id: CVE-2019-15681, PSBM-99817 libVNCServer-0.9.10 contains a memory leak in VNC server code, which may allow an attacker to read stack memory...
Debian DLA-2016-1 : ssvnc security update
Several vulnerabilities have been identified in the VNC code of ssvnc, an encryption-capable VNC client.. The vulnerabilities referenced below are issues that have originally been reported against Debian source package libvncserver which also ships the libvncclient shared library. The ssvnc sourc...
kernel: sensitive information disclosure from kernel stack memory via HIDPCONNADD command
A flaw was found in the Linux kernel's implementation of the Bluetooth Human Interface Device Protocol HIDP. A local attacker with access permissions to the Bluetooth device can issue an IOCTL which will trigger the dohidpsockioctl function in net/bluetooth/hidp/sock.c.c. This function can leak...
LibVNC Memory Disclosure Vulnerability
LibVNC is a cross-platform C library that enables you to easily implement VNC server or client functionality in your security applications. A memory leak vulnerability exists in the VNC server code in versions prior to LibVNC d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a. An attacker could exploit thi...
CVE-2019-15681
LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak CWE-655 in VNC server code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. Thi...
DEBIAN-CVE-2019-15681
LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak CWE-655 in VNC server code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. Thi...
ALPINE-CVE-2019-15681
LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak CWE-655 in VNC server code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. Thi...
CVE-2019-15681
LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak CWE-655 in VNC server code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. Thi...
Information disclosure
LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak CWE-655 in VNC server code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. Thi...
CVE-2019-15681
LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak CWE-655 in VNC server code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. Thi...
CVE-2019-15681
CVE-2019-15681 is a memory-leak vulnerability (CWE-655) in LibVNCServer’s VNC server component. The issue, introduced in LibVNC commit prior to d01e1bb4246..., could allow an attacker to read stack memory and cause information disclosure; when combined with another vulnerability this memory leaka...
CVE-2019-15681
LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak CWE-655 in VNC server code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. Thi...
Security Bulletin: A vulnerability in OpenSource GNU Glibc affect IBM Netezza Host Management
Summary OpenSource GNU Glibc is used by IBM Netezza Host Management. IBM Netezza Host Management has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2017-1000366 DESCRIPTION: Glibc could allow a local attacker to execute arbitrary code on the system, caused by a vulnerability that...
Security Bulletin: A vulnerability in Linux kernel affect IBM Netezza Host Management
Summary Linux kernel is used by IBM Netezza Host Management. IBM Netezza Host Management has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2017-1000364 DESCRIPTION: Linux Kernel could allow a local attacker to gain elevated privileges on the system, caused by a a stack memory...
Design/Logic Flaw
Foxit Reader 9.6.0.25114 and earlier has two unique RecursiveCall bugs involving 3 functions exhausting available stack memory because of Uncontrolled Recursion in the V8 JavaScript engine issue 1 of 2...
CVE-2019-13124
CVE-2019-13124 affects Foxit Reader 9.6.0.25114 and earlier, due to two RecursiveCall bugs in the V8 JavaScript engine that cause uncontrolled recursion, exhausting stack memory in three functions. This is described as a denial of service/crash risk related to stack exhaustion. The connected docu...