CVE-2017-16381

An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is caused by a buffer access with an incorrect length value when processing TIFF...

Unbreakable Enterprise kernel security update

kernel-uek 4.1.12-103.3.8.1 - Bluetooth: Properly check L2CAP config option output buffer length Ben Seri Orabug: 26796363 CVE-2017-1000251...

Out-of-bounds access vulnerability in WPS Text docreader module

WPS is an office software developed by Kingsoft Office Software. An out-of-bounds access vulnerability exists in the WPS text docreader module. The vulnerability is due to a miscalculation of the read buffer length. An attacker exploiting this vulnerability could cause process information...

CVE-2015-8596

In all Qualcomm products with Android releases from CAF using the Linux kernel, validation of buffer lengths is missing in malware protection...

CVE-2014-9973

In all Qualcomm products with Android releases from CAF using the Linux kernel, validation of a buffer length was missing in a PlayReady DRM routine...

CVE-2014-9973

In all Qualcomm products with Android releases from CAF using the Linux kernel, validation of a buffer length was missing in a PlayReady DRM routine...

CVE-2014-9974

In all Qualcomm products with Android releases from CAF using the Linux kernel, validation of buffer lengths was missing in Keymaster...

CVE-2015-8596

CVE-2015-8596 concerns a buffer length validation flaw in Qualcomm closed‑source malware protection components used in Android CAF builds running the Linux kernel. The root cause is missing validation of buffer lengths, described across multiple sources as a buffer overflow/length-check omission....

CVE-2014-9974

CVE-2014-9974 is described in connected records as a Qualcomm component vulnerability affecting Android CAF builds using the Linux kernel, arising from missing validation of buffer lengths in Keymaster. The CNVD-2017-26641 entry explicitly documents a buffer length validation failure in the Qualc...

CVE-2015-8596

In all Qualcomm products with Android releases from CAF using the Linux kernel, validation of buffer lengths is missing in malware protection...

Stack Overflow Vulnerability in WPS

WPS is an office software developed by Kingsoft Office Software. A stack overflow vulnerability exists in WPS text. The vulnerability is due to the program failing to validate the buffer length. An attacker can exploit the vulnerability by constructing a malformed XML file resulting in heap...

Heap Overflow Vulnerability in WPS

WPS is an office software developed by Kingsoft Office Software. A heap overflow vulnerability exists in WPS text. The vulnerability is due to the program fails to validate the buffer length, an attacker can exploit the vulnerability by constructing a malformed XML file resulting in heap corrupti...

Heap overflow vulnerability exists in WPS (CNVD-2017-19997)

WPS is an office software developed by Kingsoft Office Software. A heap overflow vulnerability exists in WPS. The vulnerability stems from the program's failure to validate the buffer length, which can be exploited by an attacker to cause heap corruption or execute arbitrary code by constructing ...

The vulnerability of the tdx.sys component, which is used to check the length of the operating system’s buffer, allows a hacker to exploit their privileges.

The vulnerability of the tdx.sys component, which is used to check the length of operating system Windows buffers, is related to deficiencies in access control. Exploiting this vulnerability could allow an intruder, operating locally, to increase their privileges...

WPS has an out-of-bounds access vulnerability

WPS is a free office software. A memory out-of-bounds access exists in the WPS docreader module. The vulnerability stems from a miscalculation of the buffer address length. An attacker can exploit this vulnerability to obtain sensitive information...

SUSE SLES12 Security Update : glibc (SUSE-SU-2017:1614-1) (Stack Clash)

This update for glibc fixes the following issues : - CVE-2017-1000366: Fix a potential privilege escalation vulnerability that allowed unprivileged system users to manipulate the stack of setuid binaries to gain special privileges. bsc1039357 - The incorrectly defined constant OTMPFILE has been...

SUSE-SU-2017:1614-1 Security update for glibc

This update for glibc fixes the following issues: - CVE-2017-1000366: Fix a potential privilege escalation vulnerability that allowed unprivileged system users to manipulate the stack of setuid binaries to gain special privileges. bsc1039357 - The incorrectly defined constant OTMPFILE has been...

CVE-2017-0296

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to elevate privilege when tdx.sys fails to check the length of a buffer prior to copying memory...

WPS has an out-of-bounds access vulnerability

WPS Office is one of the widely used office software. A memory out-of-bounds access exists in the docreader module of WPS Text. The vulnerability is due to a miscalculation of the buffer length. An attacker can exploit this vulnerability to obtain sensitive information...

Microsoft Windows TDX Elevation of Privilege Vulnerability (KB4021923)

This host is missing an important security update according to Microsoft KB4021923 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...