TianoCore EDK II BIOS Vulnerabilities - US

Lenovo Security Advisory: LEN-22660 Potential Impact: Denial of service, privilege escalation Severity: Medium Scope of Impact: Industry-wide Summary Description: Lenovo was notified of multiple buffer validation and parsing vulnerabilities in TianoCore EDK II BIOS that could lead to denial of...

TianoCore EDK II BIOS Vulnerabilities - Lenovo Support US

No description provided...

Microsoft Windows gdi32full CreateDIBitmap Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVE-2018-18329

A KERedirect Untrusted Pointer Dereference Privilege Escalation vulnerability in Trend Micro Antivirus for Mac Consumer 7.0 2017 and above could allow a local attacker to escalate privileges on vulnerable installations. The issue results from the lack of proper validation function on 0x6F4E offse...

Delta Industrial Automation COMMGR AHSIM_5x0 Simulator Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation COMMGR. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of TCP packets sent to the AHSIM 5x0 Simulator. The issu...

VulnCheck KEV: CVE-2009-0824

Elaborate Bytes ElbyCDIO.sys 6.0.2.0 and earlier, as distributed in SlySoft AnyDVD before 6.5.2.6, Virtual CloneDrive 5.4.2.3 and earlier, CloneDVD 2.9.2.0 and earlier, and CloneCD 5.3.1.3 and earlier, uses the METHODNEITHER communication method for IOCTLs and does not properly validate a buffer...

CVE-2015-5315

The eappwdprocess function in eappeer/eappwd.c in wpasupplicant 2.x before 2.6 does not validate that the reassembly buffer is large enough for the final fragment when EAP-pwd is enabled in a network configuration profile, which allows remote attackers to cause a denial of service process...

CVE-2018-5335

In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the WCP dissector could crash. This was addressed in epan/dissectors/packet-wcp.c by validating the available buffer length...

CVE-2017-14916

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, buffer sizes in the message passing interface are not properly validated...

CVE-2017-15920

In Watchdog Anti-Malware 2.74.186.150 and Online Security Pro 2.74.186.150, the zam32.sys driver contains a NULL pointer dereference vulnerability that gets triggered when sending an operation to ioctl 0x80002054. This is due to the input buffer being NULL or the input buffer size being 0 as they...

CVE-2017-10998

In all Qualcomm products with Android releases from CAF using the Linux kernel, in audioaioionlookupvaddr, the buffer length, which is user input, ends up being used to validate if the buffer is fully within the valid region. If the buffer length is large enough then the address + length operatio...

CVE-2017-10998

In all Qualcomm products with Android releases from CAF using the Linux kernel, in audioaioionlookupvaddr, the buffer length, which is user input, ends up being used to validate if the buffer is fully within the valid region. If the buffer length is large enough then the address + length operatio...

CVE-2014-9974

In all Qualcomm products with Android releases from CAF using the Linux kernel, validation of buffer lengths was missing in Keymaster...

CVE-2014-9973

CVE-2014-9973 describes a buffer-length validation flaw in the PlayReady DRM routine within Qualcomm closed‑source components used in Qualcomm/CAF Android builds on the Linux kernel. The underlying issue is missing validation of buffer length in the DRM pathway, which could enable a remote attack...

CVE-2016-5221

Type confusion in libGLESv2 in ANGLE in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android possibly allowed a remote attacker to bypass buffer validation via a crafted HTML page...

Type confusion

Type confusion in libGLESv2 in ANGLE in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android possibly allowed a remote attacker to bypass buffer validation via a crafted HTML page...

CVE-2016-5221

Type confusion in libGLESv2 in ANGLE in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android possibly allowed a remote attacker to bypass buffer validation via a crafted HTML page...

CVE-2016-5221

Removed by vendor...

CVE-2016-5221

Type confusion in libGLESv2 in ANGLE in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android possibly allowed a remote attacker to bypass buffer validation via a crafted HTML page...

CVE-2016-5221

CVE-2016-5221 refers to a type confusion in libGLESv2 within ANGLE used by Google Chrome on Mac/Windows/Linux (pre-55.0.2883.75) and Android (pre-55.0.2883.84). This could allow a remote attacker to bypass buffer validation via a crafted HTML page. Connected sources confirm the vulnerable compone...