CVE-2019-9403

CVE-2019-9403: In cn-cbor, an out-of-bounds read due to improper casting could lead to remote information disclosure on Android 10. Impact is information disclosure with no privileges gained; exploitation requires user interaction. CVSS2 base 4.3 (PARTIAL confidentiality impact) and CVSS3.1 base ...

CVE-2019-2306

Improper casting of structure while handling the buffer leads to out of bound read in display in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206,...

Design/Logic Flaw

Improper casting of structure while handling the buffer leads to out of bound read in display in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206,...

CVE-2019-2306

CVE-2019-2306 is described as: an improper casting of a structure while handling a buffer causes an out-of-bounds read in the display code across Snapdragon platforms (Snapdragon Auto, Connectivity, Consumer IoT, Industrial IoT, IoT, Mobile, Voice & Music, Wearables) on multiple SoCs (e.g., SD se...

CVE-2019-2306

Improper casting of structure while handling the buffer leads to out of bound read in display in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206,...

PT-2019-6812 · Chicken +1 · Chicken +1

Name of the Vulnerable Software and Affected Versions: Chicken versions prior to 4.8.0 Description: A casting error caused the random number generator to return a constant value on 64-bit platforms. The vendor notes that this function was not used for security purposes and is advertised as being...

Remote Code Execution (RCE)

Microsoft ChakraCore is vulnerable to remote code execution. An unsafe type-casting in the JIT allows a remote attacker to execute arbitrary code in the context of the authenticated user. This CVE ID is different from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838,...

CVE-2018-18710

An issue was discovered in the Linux kernel through 4.19. An information leak in cdromioctlselectdisc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and...

UBUNTU-CVE-2018-5156

A vulnerability can occur when capturing a media stream when the media source type is changed as the capture is occurring. This can result in stream data being cast to the wrong type causing a potentially exploitable crash. This vulnerability affects Thunderbird 60, Firefox ESR 60.1, Firefox ESR...

Chrome: V8: JIT: Type confusion in GetSpecializationContext

PoC: function optarg = = arg let tmp = opt.x; // LdaNamedProperty for ;; arg; yield; function inner tmp; break; for let i = 0; i arg; this; , opt let tmp = arg.x; for ;; arg; yield; tmp = inner tmp; ; for let i = 0; i arg; this; , opt let tmp = arg.x; for ;; arg; yield; tmp = inner tmp; ; for let...

[20180301] - Core - SQLi vulnerability User Notes

The lack of type casting of a variable in SQL statement leads to a SQL injection vulnerability in the User Notes list view...

SQL injection possible with limit() on MySQL

The limit query method is susceptible to catastrophic SQL injection with MySQL. For example, given a model User for a table users: php UserQuery::create-limit'1;DROP TABLE users'-find; This will drop the users table! The cause appears to be a lack of integer casting of the limit input in either...

[20180104] - Core - SQLi vulnerability in Hathor postinstall message

The lack of type casting of a variable in SQL statement leads to a SQL injection vulnerability in the Hathor postinstall message...

CVE-2017-5052

An incorrect assumption about block structure in Blink in Google Chrome prior to 57.0.2987.133 for Mac, Windows, and Linux, and 57.0.2987.132 for Android, allowed a remote attacker to potentially exploit memory corruption via a crafted HTML page that triggers improper casting...

CVE-2017-5052

An incorrect assumption about block structure in Blink in Google Chrome prior to 57.0.2987.133 for Mac, Windows, and Linux, and 57.0.2987.132 for Android, allowed a remote attacker to potentially exploit memory corruption via a crafted HTML page that triggers improper casting...

Memory corruption

An incorrect assumption about block structure in Blink in Google Chrome prior to 57.0.2987.133 for Mac, Windows, and Linux, and 57.0.2987.132 for Android, allowed a remote attacker to potentially exploit memory corruption via a crafted HTML page that triggers improper casting...

GHSA-MGX3-27HR-MFGP HTTParty does not restrict casts of string values

The httparty gem 0.9.0 and earlier for Ruby does not properly restrict casts of string values, which might allow remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service memory and CPU consumption by leveraging Action Pack support for YAML type...

CVE-2016-5855

In a driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, a user-supplied buffer is casted to a structure without checking if the source buffer is large enough...

Design/Logic Flaw

When a control related to codec is issued from userspace in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, the type casting is done to the container structure instead of the codec's individual structure, resulting in a device restart after kernel crash occurs...

Buffer overflow

In a driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, a user-supplied buffer is casted to a structure without checking if the source buffer is large enough...