772 matches found
Design/Logic Flaw
In all android releases Android for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, lack of check on input received to calculate the buffer length can lead to out of bound write to kernel stack...
CVE-2018-11301
CVE-2018-11301 describes an integer overflow caused by a missing buffer-length check while processing debug log events from firmware in Android CAF builds using the Linux kernel, affecting Qualcomm WLAN Host components across Android releases such as Android for MSM, Firefox OS for MSM, and QRD A...
CVE-2018-8343
An elevation of privilege vulnerability exists in the Network Driver Interface Specification NDIS when ndis.sys fails to check the length of a buffer prior to copying memory to it, aka "Windows NDIS Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT...
CVE-2018-8342
An elevation of privilege vulnerability exists in the Network Driver Interface Specification NDIS when ndis.sys fails to check the length of a buffer prior to copying memory to it, aka "Windows NDIS Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2008 R2. This CVE ID...
Microsoft Windows NDIS Local Elevation of Privilege Vulnerability
Microsoft Windows Network Driver Interface Specification NDIS is a component of Microsoft's Network Driver Interface Specification for use in Windows systems. A local elevation of privilege vulnerability exists in Microsoft Windows NDIS, which stems from ndis.sys not detecting the length of a...
Windows NDIS Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists in the Network Driver Interface Specification NDIS when ndis.sys fails to check the length of a buffer prior to copying memory to it. To exploit the vulnerability, in a local attack scenario, an attacker could run a specially crafted application to...
Windows NDIS Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists in the Network Driver Interface Specification NDIS when ndis.sys fails to check the length of a buffer prior to copying memory to it. To exploit the vulnerability, in a local attack scenario, an attacker could run a specially crafted application to...
My Video Converter 1.5.24 Buffer Overflow
!/usr/bin/env python Exploit Title : My Video Converter 1.5.24 - Remote Buffer Overflow Discovery by : Shubham Singh Known As : Spirited Wolf Twitter: @Pwsecspirit Email : [email protected] Youtube Channel : www.youtube.com/c/Pentestingwithspirit Discovey Date : 29/07/2018 Software Link...
Security update for the Linux Kernel (important)
The openSUSE Leap 42.3 kernel was updated to 4.4.132 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-3639: Information leaks using "Memory Disambiguation" feature in modern CPUs were mitigated, aka "Spectre Variant 4" bnc1087082. A new boot commandline...
CVE-2015-9187
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, S...
Input validation
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, S...
CVE-2015-9187
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, S...
CVE-2015-9187
CVE-2015-9187 affects Android devices with Qualcomm Snapdragon SoCs (e.g., Snapdragon Automobile, Mobile, Wear lines) prior to the 2018-04-05 patch level. The issue is a lack of buffer length validation in the pvr_cmd_handler, which can lead to unauthorized access to secure memory. The NVD/Androi...
Linux kernel memory corruption vulnerability (CNVD-2018-06457)
The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A memory corruption vulnerability exists in Linux kernel. The vulnerability arises due to the incorrect handling of...
CVE-2018-8822
Incorrect buffer length handling was found in the ncpreadkernel function in fs/ncpfs/ncplibkernel.c in the Linux kernel, which could be exploited by malicious NCPFS servers to crash the kernel or possibly execute an arbitrary code...
Design/Logic Flaw
Incorrect buffer length handling in the ncpreadkernel function in fs/ncpfs/ncplibkernel.c in the Linux kernel through 4.15.11, and in drivers/staging/ncpfs/ncplibkernel.c in the Linux kernel 4.16-rc through 4.16-rc6, could be exploited by malicious NCPFS servers to crash the kernel or execute cod...
CVE-2018-8822
Incorrect buffer length handling in the ncpreadkernel function in fs/ncpfs/ncplibkernel.c in the Linux kernel through 4.15.11, and in drivers/staging/ncpfs/ncplibkernel.c in the Linux kernel 4.16-rc through 4.16-rc6, could be exploited by malicious NCPFS servers to crash the kernel or execute cod...
CVE-2018-8822
Incorrect buffer length handling in the ncpreadkernel function in fs/ncpfs/ncplibkernel.c in the Linux kernel through 4.15.11, and in drivers/staging/ncpfs/ncplibkernel.c in the Linux kernel 4.16-rc through 4.16-rc6, could be exploited by malicious NCPFS servers to crash the kernel or execute cod...
DEBIAN-CVE-2018-8822
Incorrect buffer length handling in the ncpreadkernel function in fs/ncpfs/ncplibkernel.c in the Linux kernel through 4.15.11, and in drivers/staging/ncpfs/ncplibkernel.c in the Linux kernel 4.16-rc through 4.16-rc6, could be exploited by malicious NCPFS servers to crash the kernel or execute cod...
CVE-2018-8822
The CVE-2018-8822 issue affects the Linux kernel, specifically the ncp_read_kernel handling in fs/ncpfs/ncplib_kernel.c and the corresponding code in drivers/staging/ncpfs/ncplib_kernel.c. The root cause is incorrect buffer length handling, reported for Linux kernel versions up to 4.15.11 and for...