4206 matches found
UVI-2021-1000344 wlcore: Fix buffer overrun by snprintf due to incorrect buffer size
wlcore: Fix buffer overrun by snprintf due to incorrect buffer size This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.37 by commit...
UVI-2021-1000232 wlcore: Fix buffer overrun by snprintf due to incorrect buffer size
wlcore: Fix buffer overrun by snprintf due to incorrect buffer size This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.4 by commit...
GSD-2021-1000344 wlcore: Fix buffer overrun by snprintf due to incorrect buffer size
wlcore: Fix buffer overrun by snprintf due to incorrect buffer size This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.37 by commit...
GSD-2021-1000232 wlcore: Fix buffer overrun by snprintf due to incorrect buffer size
wlcore: Fix buffer overrun by snprintf due to incorrect buffer size This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.4 by commit...
CVE-2021-25217 A buffer overrun in lease file parsing code can be used to exploit a common vulnerability shared by dhcpd and dhclient
In ISC DHCP 4.1-ESV-R1 - 4.1-ESV-R16, ISC DHCP 4.4.0 - 4.4.2 Other branches of ISC DHCP i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series are beyond their End-of-Life EOL and no longer supported by ISC. From inspection it is clear that the defect is also present in...
The vulnerability of Microsoft Office packages and Microsoft Office Web Apps arises from the possibility of writing operations beyond the buffer in memory, allowing an intruder to gain unauthorized access to protected information.
The vulnerability of Microsoft Office packages and Microsoft Office Web Apps is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
glibc security, bug fix, and enhancement update
2.28-151.0.1.el84 - merge RH patches for ol8-u4 release Review-exception: Patch merge - Provide glibc.pthread.mutexspincount tunable for pthread adaptive - spin mutex Orabug: 27982358. Reviewed-by: Qing Zhao - add Ampere emag to tunable cpu list Patrick McGehearty - add optimized memset for emag ...
The vulnerability of the Scripting Engine component in Internet Explorer arises from an operation that goes beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.
The vulnerability of the Scripting Engine component in Internet Explorer arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially created website...
PostgreSQL 9.6.x < 9.6.22 / 10.x < 10.17 / 11.x < 11.12 / 12.x < 12.7 / 13.x < 13.3 Multiple Vulnerabilities
The version of PostgreSQL installed on the remote host is 9.6 prior to 9.6.22, 10 prior to 10.17, 11 prior to 11.12, 12 prior to 12.7, or 13 prior to 13.3. As such, it is potentially affected by multiple vulnerabilities : - Buffer overrun from integer overflow in array subscripting calculations...
Updated postgresql packages fix security vulnerabilities
Buffer overrun from integer overflow in array subscripting calculations CVE-2021-32027. Memory disclosure in INSERT ... ON CONFLICT ... DO UPDATE. CVE-2021-32028. Memory disclosure in partitioned-table UPDATE ... RETURNING. CVE-2021-32029...
MGASA-2021-0221 Updated postgresql packages fix security vulnerabilities
Buffer overrun from integer overflow in array subscripting calculations CVE-2021-32027. Memory disclosure in INSERT ... ON CONFLICT ... DO UPDATE. CVE-2021-32028. Memory disclosure in partitioned-table UPDATE ... RETURNING. CVE-2021-32029...
The vulnerability of the XkbSetNamesCheck function in xkb.c of the X Window System Xorg-server, related to the occurrence of operations outside the buffer in memory, allows an attacker to access confidential information or cause service failures.
The vulnerability of the XkbSetNamesCheck function in the xkb.c file of the X Window System Xorg-server is related to the operation of pushing an action within acceptable buffer data limits. Exploiting this vulnerability allows an attacker to access confidential information or cause service...
The vulnerability of Firefox browser, related to the execution of operations beyond the buffer in memory, allows an attacker to trigger memory corruption and execute arbitrary code on the target system.
The vulnerability of the Firefox browser is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to cause memory corruption and execute arbitrary code on the target system...
FreeBSD : PostgreSQL server -- two security issues (62da9702-b4cc-11eb-b9c9-6cc21735f730)
The PostgreSQL project reports : Memory disclosure in INSERT ... ON CONFLICT ... DO UPDATE Using an INSERT ... ON CONFLICT ... DO UPDATE command on a purpose-crafted table, an attacker can read arbitrary bytes of server memory. In the default configuration, any authenticated database user can...
PostgreSQL server -- two security issues
The PostgreSQL project reports: Memory disclosure in INSERT ... ON CONFLICT ... DO UPDATE Using an INSERT ... ON CONFLICT ... DO UPDATE command on a purpose-crafted table, an attacker can read arbitrary bytes of server memory. In the default configuration, any authenticated database user can crea...
Vulnerability in core server (CVE-2021-32027)
Buffer overrun from integer overflow in array subscripting calculations While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory. The PostgreSQL project thanks Tom Lane for reporting this problem...
Epic Games Rocket League 1.95 - Stack Buffer Overrun Vulnerability
Exploit Title: Epic Games Rocket League 1.95 - Stack Buffer Overrun Exploit Author: LiquidWorm Vendor Homepage: https://www.epicgames.com https://www.rocketleague.com Epic Games Rocket League 1.95 AK::MemoryMgr::GetPoolName Stack Buffer Overrun Vendor: Epic Games Inc. | Psyonix, LLC Product web...
Epic Games Rocket League 1.95 - Stack Buffer Overrun
Exploit Title: Epic Games Rocket League 1.95 - Stack Buffer Overrun Date: 25.04.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.epicgames.com https://www.rocketleague.com Epic Games Rocket League 1.95 AK::MemoryMgr::GetPoolName Stack Buffer Overrun Vendor: Epic Games Inc. | Psyonix,...
The vulnerability of the implementation of TLS and SSL protocols in Cisco Firepower Threat Defense’s microprogrammable network interfaces allows attackers to trigger a device reboot or cause a service failure.
The vulnerability of the TLS and SSL protocols implemented by Cisco Firepower Threat Defense’s microprogramming-based network interface controllers is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to...
The vulnerability of Microprogramming Software for Cisco Adaptive Security Appliance Software (ASA) and Cisco Firepower Threat Defense (FTD) relates to writing beyond the buffer boundaries, allowing attackers to trigger a system reboot or cause service failure.
The vulnerability of Microprogrammed Network Interface Software of Cisco Adaptive Security Appliance Software ASA and Cisco Firepower Threat Defense FTD is related to writing beyond the buffer boundaries. Exploiting this vulnerability can allow a malicious actor to trigger a system reboot or caus...