RUSTSEC-2021-0023 Incorrect check on buffer length when seeding RNGs

Summary: randcore::le::readu32into and readu64into have incorrect checks on the source buffer length, allowing the destination buffer to be under-filled. Implications: some downstream RNGs, including Hc128Rng but not the more widely used ChaChaRng, allow seeding using the SeedableRng::fromseed...

Incorrect check on buffer length when seeding RNGs

Summary: randcore::le::readu32into and readu64into have incorrect checks on the source buffer length, allowing the destination buffer to be under-filled. Implications: some downstream RNGs, including Hc128Rng but not the more widely used ChaChaRng, allow seeding using the SeedableRng::fromseed...

Qualcomm Display Buffer Error Vulnerability

Qualcomm Display is a Qualcomm Incorporated USA component used to support display functionality in chips. A buffer error vulnerability exists in Qualcomm Display that stems from improper length checking of the response buffer, which could result in out-of-bounds access in TA...

Cross site request forgery (csrf)

async-h1 is an asynchronous HTTP/1.1 parser for Rust crates.io. There is a request smuggling vulnerability in async-h1 before version 2.3.0. This vulnerability affects any webserver that uses async-h1 behind a reverse proxy, including all such Tide applications. If the server does not read the bo...

Altran picoTCP and picoTCP-NG Buffer Error Vulnerability

Altran picoTCP is a small footprint modular open source TCP/IP stack from Altran Belgium, designed for embedded systems and the Internet of Things. A buffer error vulnerability exists in picoTCP and picoTCP-NG, which stems from the inability of the TCP input data handling function to validate the...

Buffer overflow

Buffer overflow in LibFastCV library due to improper size checks with respect to buffer length' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8052, APQ8056, APQ8076, APQ8096, APQ8096SG, APQ8098, MDM9655, MSM8952, MSM8956,...

UBUNTU-CVE-2020-0430

In skbheadlen of /include/linux/skbuff.h, there is a possible out of bounds read due to memory corruption. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndro...

CVE-2020-8905

A buffer length validation vulnerability in Asylo versions prior to 0.6.0 allows an attacker to read data they should not have access to. The 'encuntrustedrecvfrom' function generates a return value which is deserialized by 'MessageReader', and copied into three different 'extents'. The length of...

CVE-2020-8905

A buffer length validation vulnerability in Asylo versions prior to 0.6.0 allows an attacker to read data they should not have access to. The 'encuntrustedrecvfrom' function generates a return value which is deserialized by 'MessageReader', and copied into three different 'extents'. The length of...

Input validation

A buffer length validation vulnerability in Asylo versions prior to 0.6.0 allows an attacker to read data they should not have access to. The 'encuntrustedrecvfrom' function generates a return value which is deserialized by 'MessageReader', and copied into three different 'extents'. The length of...

CVE-2020-8905

The CVE-2020-8905 entry concerns Asylo before 0.6.0, where a buffer-length validation flaw in enc_untrusted_recvfrom allows an attacker to force copying trusted memory into a small untrusted buffer, enabling unauthorized data access. The issue is described as a memory-read vulnerability within Me...

CVE-2020-8905 Confidential Information Disclosure vulnerability in Asylo

A buffer length validation vulnerability in Asylo versions prior to 0.6.0 allows an attacker to read data they should not have access to. The 'encuntrustedrecvfrom' function generates a return value which is deserialized by 'MessageReader', and copied into three different 'extents'. The length of...

freerdp: Out-of-bounds write in crypto_rsa_common in libfreerdp/crypto/crypto.c

An issue was found in freerdp's libfreerdp/crypto/crypto.c, in versions before 2.1.1, where buffer access with an incorrect length value, leads to an out-of-bounds write. This flaw allows a remote, unauthenticated, attacker running an RDP server, or a local attacker, using a specially crafted...

CVE-2020-3625

When making query to DSP capabilities, Stack out of bounds occurs due to wrong buffer length configured for DSP attributes in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile in SM8250, SXR2130...

CVE-2020-3625

When making query to DSP capabilities, Stack out of bounds occurs due to wrong buffer length configured for DSP attributes in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile in SM8250, SXR2130...

CVE-2019-14112

Potential buffer overflow while processing CBF frames due to lack of check of buffer length before copy in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and...

The vulnerability of Qualcomm’s Linux operating system wireless network driver lies in the lack of buffer length checking and out-of-memory reading, allowing an attacker to execute arbitrary code.

The vulnerability of Linux kernel wireless network driver software from Qualcomm lies in the lack of buffer length checking and out-of-memory reading. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2016-1007)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1476)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2019-10557

Out-of-bound read in the wireless driver in the Linux kernel due to lack of check of buffer length. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8009, APQ8017, APQ8053,...