Null pointer dereference
Unexpected Pointer Aliasing in IEEE 802154 Fragment Reassembly in Zephyr. Zephyr versions >= 2.4.0 contain NULL Pointer Dereference (CWE-476). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-p86r-gc4r-4mq3...
CVE-2021-3322 Unexpected Pointer Aliasing in IEEE 802154 Fragment Reassembly in Zephyr
Unexpected Pointer Aliasing in IEEE 802154 Fragment Reassembly in Zephyr. Zephyr versions >= 2.4.0 contain NULL Pointer Dereference (CWE-476). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-p86r-gc4r-4mq3...
GHSA-MGG8-9PVP-6QCW MvccRwLock allows data races & aliasing violations
Affected versions of the noise_search crate unconditionally implement Send/Sync for MvccRwLock. This can lead to data races when types that are either !Send or !Sync (e.g. Rc, Arc) are contained inside MvccRwLock and sent across thread boundaries. The data races can potentially lead to memory...
MvccRwLock allows data races & aliasing violations
Affected versions of the noise_search crate unconditionally implement Send/Sync for MvccRwLock. This can lead to data races when types that are either !Send or !Sync (e.g. Rc, Arc) are contained inside MvccRwLock and sent across thread boundaries. The data races can potentially lead to memory...
GHSA-WXJF-9F4G-3V44 Data races in noise_search
Affected versions of the noise_search crate unconditionally implement Send/Sync for MvccRwLock. This can lead to data races when types that are either !Send or !Sync (e.g. Rc, Arc) are contained inside MvccRwLock and sent across thread boundaries. The data races can potentially lead to memory...
Data races in noise_search
Affected versions of the noise_search crate unconditionally implement Send/Sync for MvccRwLock. This can lead to data races when types that are either !Send or !Sync (e.g. Rc, Arc) are contained inside MvccRwLock and sent across thread boundaries. The data races can potentially lead to memory...
GHSA-WP34-MQW5-JJ85 Use after free in nano_arena
Affected versions of this crate assumed that Borrow was guaranteed to return the same value on .borrow(). The borrowed index value was used to retrieve a mutable reference to a value. If the Borrow implementation returned a different index, the split arena would allow retrieving the index as a...
Use after free in nano_arena
Affected versions of this crate assumed that Borrow was guaranteed to return the same value on .borrow(). The borrowed index value was used to retrieve a mutable reference to a value. If the Borrow implementation returned a different index, the split arena would allow retrieving the index as a...
The vulnerability of the Captive Portal and Content Delivery (CPCD) services in Junos OS router series MX devices allows a hacker to induce a service failure.
The vulnerability of the Captive Portal and Content Delivery (CPCD) services in Junos OS router series MX devices is related to pointer aliasing errors. Exploiting this vulnerability can allow a malicious actor to trigger service failures using specially created HTTP packets...
CVE-2021-28032
An issue was discovered in the nano_arena crate before 0.5.2 for Rust. There is an aliasing violation in split_at because two mutable references can exist for the same element, if Borrow behaves in certain ways. This can have a resultant out-of-bounds write or use-after-free...
Out-of-bounds
An issue was discovered in the nano_arena crate before 0.5.2 for Rust. There is an aliasing violation in split_at because two mutable references can exist for the same element, if Borrow behaves in certain ways. This can have a resultant out-of-bounds write or use-after-free...
CVE-2021-28032
The CVE concerns the Rust crate nano_arena before 0.5.2. A flaw in the split_at logic allows two mutable references to the same element when Borrow behaves in certain ways, creating a potential for memory safety issues such as an out-of-bounds write or use-after-free. The issue is rooted in alias...
split_at allows obtaining multiple mutable references to the same data
Affected versions of this crate assumed that Borrow was guaranteed to return the same value on .borrow(). The borrowed index value was used to retrieve a mutable reference to a value. If the Borrow implementation returned a different index, the split arena would allow retrieving the index as a...
RUSTSEC-2020-0141 MvccRwLock allows data races & aliasing violations
Affected versions of this crate unconditionally implement Send/Sync for MvccRwLock. This can lead to data races when types that are either !Send or !Sync (e.g. Rc, Arc) are contained inside MvccRwLock and sent across thread boundaries. The data races can potentially lead to memory corruption as...
MvccRwLock allows data races & aliasing violations
Affected versions of this crate unconditionally implement Send/Sync for MvccRwLock. This can lead to data races when types that are either !Send or !Sync (e.g. Rc, Arc) are contained inside MvccRwLock and sent across thread boundaries. The data races can potentially lead to memory corruption as...
Denial Of Service (DoS)
Kernel is vulnerable to denial of service (DoS). The Radeon GPU drivers in the Linux kernel were missing sanity checks for the Anti Aliasing (AA) resolve register values which could allow a local, unprivileged user to cause a denial of service or escalate their privileges on systems using a graphics...
PT-2020-9171 · Kubernetes +1 · Kubernetes Api Server +2
Name of the Vulnerable Software and Affected Versions: Kubernetes API Server versions 1.1 through 1.14; Kubernetes API Server versions prior to 1.15.10; Kubernetes API Server versions prior to 1.16.7; Kubernetes API Server versions prior to 1.17.3. Description: The issue allows an authorized user to...
UPDATE: Empire 3.1.0
Empire 3.1.0 was released a few hours ago! If you remember, I briefly mentioned this tool in my five-month-old post titled "List of Open Source C2 Post-Exploitation Frameworks". It's a very good thing that BC-Security has taken over the development of the tool and has made some awesome...
PT-2019-4885 · Xen +1 · Xen +1
Name of the Vulnerable Software and Affected Versions: Xen versions prior to 4.13. Description: An issue in Xen allows ARM guest OS users to cause a denial of service via a XENMEM_add_to_physmap hypercall. The functions p2m_resolve_translation_fault and p2m_get_entry use p2m->max_mapped_gfn to sani...