7 matches found
epa4all-client has a VAU Signature bypass
Impact In SignedPublicKeysTrustValidatorImpl.isTrusted, the ECDSA signature verification at line 45 discards the boolean return value of Signature.verify. The method performs certificate chain validation, OCSP check, and signature algorithm setup, but never checks whether the signature actually...
Protobuf Maven Plugin protocDigest is ignored when using protoc from PATH
Summary The expected protocDigest is ignored when protoc is taken from the PATH. Details The documentation for the protocDigest parameter says: ... Users may wish to specify this if using a PATH-based binary ... However, when specifying PATH the protocDigest is not actually checked because the co...
EUVD-2020-3486
Malware in sbrugna...
CVE-2020-11132
u'Buffer over read in boot due to size check ignored before copying GUID attribute from request to response' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in...
CVE-2020-11132
u'Buffer over read in boot due to size check ignored before copying GUID attribute from request to response' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in...
The vulnerability of the check_ignored() function in the Apport error logging service allows a violator to trigger a service failure.
The vulnerability of the checkignored function in the apport/report.py file of the Apport error reporting service is related to improper handling of exceptional states. Exploiting this vulnerability could allow an attacker to cause a service failure...
UBUNTU-CVE-2020-15701
An unhandled exception in checkignored in apport/report.py can be exploited by a local attacker to cause a denial of service. If the mtime attribute is a string value in apport-ignore.xml, it will trigger an unhandled exception, resulting in a crash. Fixed in 2.20.1-0ubuntu2.24, 2.20.9-0ubuntu7.1...