PT-2021-7834 · Redis +2 · Redis +2

Name of the Vulnerable Software and Affected Versions: Redis versions prior to 5.0.10 Redis versions prior to 6.0.9 Redis versions prior to 6.2.0 Description: A heap overflow issue was found in Redis when using a heap allocator other than jemalloc or glibc's malloc, leading to potential out of...

Redis Labs Redis 多款产品缓冲区错误漏洞

Redis Labs Redis is the United States Redis Labs, Inc. of a set of open-source use of ANSI C written to support the network , can be based on the memory can also be a persistent log-type , key-value Key-Value storage database , and provides a variety of languages API. A buffer overflow...

Microsoft Windows本地提权漏洞（CVE-2021-1732）

CVE-2021-1732: win32kfull xxxCreateWindowEx callback out-of-bounds Mar 25, 2021 • iamelli0t CVE-2021-1732 is a 0-Day vulnerability exploited by the BITTER APT organization in one operation which was disclosed in February this year123. This vulnerability exploits a user mode callback opportunity i...

Vulnerability fixed in VxWorks

In Wind River VxWorks, the memory allocator has a possible overflow when calculating the size of the memory block that should be allocated by calloc. The result is that the actual allocated memory is smaller than the buffer size specified by the arguments, leading to memory corruption. The...

CVE-2020-28895

In Wind River VxWorks, memory allocator has a possible overflow in calculating the memory block's size to be allocated by calloc. As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption...

CVE-2020-28895

In Wind River VxWorks, memory allocator has a possible overflow in calculating the memory block's size to be allocated by calloc. As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption...

Memory corruption

In Wind River VxWorks, memory allocator has a possible overflow in calculating the memory block's size to be allocated by calloc. As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption...

CVE-2020-28895

CVE-2020-28895 affects Wind River VxWorks: the memory allocator can overflow when calculating the size for calloc(), causing the allocated memory to be smaller than the requested buffer and leading to memory corruption. The vulnerability is documented across multiple sources (e.g., Wind River adv...

CVE-2020-28895 integer overflow in calloc

In Wind River VxWorks, memory allocator has a possible overflow in calculating the memory block's size to be allocated by calloc. As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption...

OPENSUSE-SU-2021:0079-1 Security update for ceph

This update for ceph fixes the following issues: Security issues fixed: - CVE-2020-27781: Fixed a privilege escalation via the cephvolumeclient Python interface bsc1179802 bsc1180155. Non-security issues fixed: - Fixes an issue when check in legacy collection reaches end. bsc1179139 - Fixes an...

CVE-2020-27035

In priorLinearAllocation of C2AllocatorIon.cpp, there is a possible use-after-free due to improper locking. This could lead to local information disclosure in the media codec with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

An issue was discovered in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel before 5.5.11. The slowpath lacks the required TID increment aka CID-fd4d9c7d0c71.

...

DEBIAN-CVE-2020-29370

An issue was discovered in kmemcacheallocbulk in mm/slub.c in the Linux kernel before 5.5.11. The slowpath lacks the required TID increment, aka CID-fd4d9c7d0c71...

UBUNTU-CVE-2020-29370

An issue was discovered in kmemcacheallocbulk in mm/slub.c in the Linux kernel before 5.5.11. The slowpath lacks the required TID increment, aka CID-fd4d9c7d0c71...

Linux kernel 竞争条件问题漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel versions prior to 5.5.11 suffer from a contention condition issue vulnerability that stems from an issue found in kmemcacheallocbulk in mm/slub.c. slowpath lacks t...

CVE-2020-26243

Nanopb is a small code-size Protocol Buffers implementation. In Nanopb before versions 0.4.4 and 0.3.9.7, decoding specifically formed message can leak memory if dynamic allocation is enabled and an oneof field contains a static submessage that contains a dynamic field, and the message being...

DEBIAN-CVE-2020-26243

Nanopb is a small code-size Protocol Buffers implementation. In Nanopb before versions 0.4.4 and 0.3.9.7, decoding specifically formed message can leak memory if dynamic allocation is enabled and an oneof field contains a static submessage that contains a dynamic field, and the message being...

Design/Logic Flaw

Nanopb is a small code-size Protocol Buffers implementation. In Nanopb before versions 0.4.4 and 0.3.9.7, decoding specifically formed message can leak memory if dynamic allocation is enabled and an oneof field contains a static submessage that contains a dynamic field, and the message being...

UBUNTU-CVE-2020-26243

Nanopb is a small code-size Protocol Buffers implementation. In Nanopb before versions 0.4.4 and 0.3.9.7, decoding specifically formed message can leak memory if dynamic allocation is enabled and an oneof field contains a static submessage that contains a dynamic field, and the message being...

GHSA-85RR-4RH9-HHWH Memory leak in Nanopb

Impact Decoding specifically formed message can leak memory if dynamic allocation is enabled and an oneof field contains a static submessage that contains a dynamic field, and the message being decoded contains the submessage multiple times. This is rare in normal messages, but it is a concern wh...