CVE-2020-11225

CVE-2020-11225 is an out-of-bounds access issue in the WLAN host component used by Qualcomm Snapdragon WLAN/driver across multiple Snapdragon lines. The root cause is lack of validation of array length before copying into an array, enabling a potential memory corruption scenario. Documented impac...

CVE-2020-11225

Out of bound access in WLAN driver due to lack of validation of array length before copying into array in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon...

Security Vulnerabilities in Multiple Qualcomm Products

A Qualcomm chip is a chip from Qualcomm Incorporated USA. a way of miniaturizing circuits mainly semiconductor devices, but also passive components, etc., and are from time to time fabricated on the surface of semiconductor wafers. A security vulnerability exists in multiple Qualcomm products tha...

CVE-2020-3676

Possible memory corruption in perfservice due to improper validation array length taken from user application. in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8096AU, APQ8098, Kamorta, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8998, Nicobar,...

Input validation

Possible memory corruption in perfservice due to improper validation array length taken from user application. in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8096AU, APQ8098, Kamorta, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8998, Nicobar,...

CVE-2020-3676

CVE-2020-3676 affects Qualcomm Snapdragon components, specifically memory corruption in perfservice caused by improper validation of an array length taken from user applications. The issue impacts a wide range of Snapdragon mobile/IoT platforms (e.g., APQ8096AU, APQ8098, Kamorta, MSM89xx, SDM4xx/...

CVE-2020-3676

Possible memory corruption in perfservice due to improper validation array length taken from user application. in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8096AU, APQ8098, Kamorta, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8998, Nicobar,...

Denial of Service in Cryptacular

CiphertextHeader.java in Cryptacular before 1.2.4, as used in Apereo CAS and other products, allows attackers to trigger excessive memory allocation during a decode operation, because the nonce array length associated with "new byte" may depend on untrusted input within the header of encoded data...

PT-2022-8867 · Radare2 +1 · Radare2 +1

Name of the Vulnerable Software and Affected Versions: radare2 affected versions not specified Description: A flaw was found in radare2 due to a mismatched array length in core java.c, which could allow an attacker to cause a crash and perform a denial of service attack. Recommendations: At the...

CVE-2020-7226

CiphertextHeader.java in Cryptacular 1.2.3, as used in Apereo CAS and other products, allows attackers to trigger excessive memory allocation during a decode operation, because the nonce array length associated with "new byte" may depend on untrusted input within the header of encoded data...

CVE-2020-7226

CiphertextHeader.java in Cryptacular 1.2.3, as used in Apereo CAS and other products, allows attackers to trigger excessive memory allocation during a decode operation, because the nonce array length associated with "new byte" may depend on untrusted input within the header of encoded data...

Chrome NewFixedDoubleArray Integer Overflow

Chrome: Integer overflow in NewFixedDoubleArray VULNERABILITY DETAILS https://cs.chromium.org/chromium/src/v8/src/heap/factory.cc?rcl=dd689541d3815d64b4b39f6a41603248c71aa00e&l=496 Handle Factory::NewFixedDoubleArrayint length, PretenureFlag pretenure DCHECKLE0, length; if length == 0 return...

Google Chrome V8 JavaScript Engine 71.0.3578.98 - Out-of-Memory in Invalid Array Length

function main var ar = ; forlet i = 0; i...

Google Chrome V8 JavaScript Engine 71.0.3578.98 - Out-of-Memory in Invalid Array Length

function main var ar = ; forlet i = 0; i...

Google Chrome V8 JavaScript Engine 71.0.3578.98 - Out-of-Memory in Invalid Array Length

Google Chrome V8 JavaScript Engine 71.0.3578.98 - Out-of-Memory in Invalid Array Length function main var ar = ; forlet i = 0; i...

Google Chrome V8 JavaScript Engine 71.0.3578.98 Memory Exhaustion

function main var ar = ; forlet i = 0; i...

Go Ethereum Denial of Service Vulnerability (CNVD-2019-04903)

Go Ethereum aka geth is an open source implementation of the Ether protocol written in the Go language. A security vulnerability exists in Go Ethereum version 1.8.19. An attacker can exploit this vulnerability to cause a denial of service memory consumption by overwriting the length of a dynamic...

Google Android Buffer Overflow Vulnerability (CNVD-2019-27590)

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. A buffer overflow vulnerability exists in the 'updatefilsdata' function in Android, which stems from the program not detecting the length of an array. No details of the...

CVE-2018-11891

In all android releases Android for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, lack of check on the length of array while accessing can lead to an out of bound read in WLAN HOST function...

CVE-2017-17821

WTF/wtf/FastBitVector.h in WebKit, as distributed in Safari Technology Preview Release 46, allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact because it calls the FastBitVectorWordOwner::resizeSlow function in WTF/wtf/FastBitVector.cpp f...