The vulnerability of the Android operating system, related to the operation of data beyond the buffer in memory, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Android operating system arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of the Qualcomm QMI Proxy component in the Android operating system, related to writing data beyond the buffer boundaries in memory, allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Qualcomm QMI Proxy component in the Android operating system arises from data writing beyond the memory limit. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected information through a...

The vulnerability of the Sensorhub service on the Samsung Mobile operating system allows a hacker to execute arbitrary code.

The vulnerability of the Sensorhub service on the Samsung Mobile operating system arises from an operation that goes beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Heap overflow

WPLSoft in Delta Electronics versions 2.45.0 and prior utilizes a fixed length heap buffer where a value larger than the buffer can be read from a file into the buffer, causing the buffer to be overwritten, which may allow remote code execution or cause the application to crash...

CVE-2018-9063

MapDrv C:\Program Files\Lenovo\System Update\mapdrv.exe In Lenovo System Update versions earlier than 5.07.0072 contains a local vulnerability where an attacker entering very large user ID or password can overrun the program's buffer, causing undefined behaviors, such as execution of arbitrary...

The vulnerability of the NVIDIA Libnvomx component in the Android operating system allows a hacker to gain elevated privileges.

The vulnerability of the NVIDIA Libnvomx component in the Android operating system is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain elevated privileges...

The vulnerability of the Microsoft Office software package arises from improper handling of objects in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the Microsoft Office suite arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted file...

The vulnerability of the ChakraCore JavaScript script handler and the Microsoft Edge browser arises from an operation that goes beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the ChakraCore JavaScript script handler and the Microsoft Edge browser is caused by an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using specially crafted web page content...

The vulnerability of the ChakraCore JavaScript script handler and the Microsoft Edge browser arises from an operation that goes beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the ChakraCore JavaScript script handler and the Microsoft Edge browser is caused by an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the ChakraCore JavaScript script handler and the Microsoft Edge browser arises from an operation that goes beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the ChakraCore JavaScript script handler and the Microsoft Edge browser is caused by an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using specially crafted web page content...

The vulnerability of the WLAN operating system component in the Android repository CAF, which allows a hacker to execute arbitrary code.

The vulnerability of the WLAN subsystem of the Android operating system from the CAF repository involves an operation that goes beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Amazon Linux 2 : zsh (ALAS-2018-986)

NULL dereference in cd in sh compatibility mode under given circumstances In builtin.c in zsh before 5.4, when sh compatibility mode is used, there is a NULL pointer dereference during processing of the cd command with no argument if HOME is not set. CVE-2017-18205 NULL pointer deref when using...

SUSE-SU-2018:0956-1 Security update for ntp

This update for ntp fixes the following issues: - Update to 4.2.8p11 bsc1082210: CVE-2016-1549: Sybil vulnerability: ephemeral association attack. While fixed in ntp-4.2.8p7, there are significant additional protections for this issue in 4.2.8p11. CVE-2018-7182: ctlgetitem: buffer read overrun...

The vulnerability of the Equation Editor component in the Microsoft Office software package allows a hacker to execute arbitrary code.

The vulnerability of the Equation Editor component in the Microsoft Office software package arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the FTPShell Client, related to the execution of operations beyond the buffer boundaries in memory, allows a perpetrator to execute arbitrary code or cause the application to terminate abnormally.

The vulnerability of the FTPShell Client FTP client is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause the application to terminate abnormally by sending a specially crafted...

MGASA-2018-0195 Updated ntp packages fix security vulnerabilities

This release addresses five security issues in ntpd for Mageia 6: LOW/MEDIUM: Sec 3012 / CVE-2016-1549 / VU961909: Sybil vulnerability: ephemeral association attack While fixed in ntp-4.2.8p7, there are significant additional protections for this issue in 4.2.8p11. Reported by Matt Van Gundy of...

Updated ntp packages fix security vulnerabilities

This release addresses five security issues in ntpd for Mageia 6: LOW/MEDIUM: Sec 3012 / CVE-2016-1549 / VU961909: Sybil vulnerability: ephemeral association attack While fixed in ntp-4.2.8p7, there are significant additional protections for this issue in 4.2.8p11. Reported by Matt Van Gundy of...

CVE-2017-15859

While processing the QCANL80211VENDORSUBCMDSETTXPOWERSCALEDECRDB vendor command, in which attribute QCAWLANVENDORATTRTXPOWERSCALEDECRDB contains fewer than 1 byte, in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-08-11 a buffer overrun occurs...

CVE-2017-15859

CVE-2017-15859 is a buffer overrun in the Qualcomm Atheros WLAN stack (qcacld-2.0), triggered when QCA_NL80211_VENDOR_SUBCMD_SET_TXPOWER_SCALE_DECR_DB carries fewer than 1 byte in the TXPOWER_SCALE_DECR_DB attribute. Affected: Android for MSM, Firefox OS for MSM, and QRD Android devices prior to ...

CVE-2017-15859

While processing the QCANL80211VENDORSUBCMDSETTXPOWERSCALEDECRDB vendor command, in which attribute QCAWLANVENDORATTRTXPOWERSCALEDECRDB contains fewer than 1 byte, in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-08-11 a buffer overrun occurs...