CVE-2020-4701
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges...
Cisco Integrated Management Controller Remote Code Execution Vulnerability
The Cisco Integrated Management Controller (IMC) is a baseboard management controller that provides embedded server management for Cisco UCS C-Series rackmount servers and Cisco S-Series storage servers. A remote code execution vulnerability exists in the API subsystem of the Cisco Integrated...
USN-4526-1: Linux kernel vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Description It was discovered that the AMD Cryptographic Coprocessor device driver in the Linux kernel did not properly deallocate memory in some situations. A local attacker could use this to cause a denial of servi...
CVE-2020-7564
A CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) which could cause write access and the execution o...
IBM DB2 Buffer Error Vulnerability
IBM DB2 is a set of relational database management system from IBM in the United States. The main execution environments for this system are UNIX, Linux, IBMi, z/OS, and Windows server versions. IBM DB2 suffers from a buffer overflow vulnerability that originates as a result of improper boundary...
Cisco Integrated Management Controller Input Validation Error Vulnerability
The Cisco Integrated Management Controller (IMC) is a baseboard management controller that provides embedded server management for Cisco UCS C-Series rackmount servers and Cisco S-Series storage servers. A remote code execution vulnerability exists in the API subsystem of the Cisco Integrated...
Netatalk < 3.1.12 Arbitrary Code Execution Vulnerability - Active Check
Netatalk is prone to an unauthenticated code execution vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
About the security content of iTunes 12.10.9 for Windows - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...
Security Bulletin: WebSphere Application Server security vulnerability in FileNet Content Manager
Summary WebSphere Application Server security vulnerability in FileNet Content Manager Vulnerability Details CVEID: CVE-2020-4329 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0.3 through 20.0.0.4 could allow a remote, authenticated attacker to obtain sensitive...
Authorization
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization and modify the configuration of an affected system. The vulnerability is due to insufficient authorization checking on an affected system. A...
Cisco SD-WAN vManage Software Authorization Bypass Vulnerability
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization and modify the configuration of an affected system. The vulnerability is due to insufficient authorization checking on an affected system. A...
bouncycastle15 -- bcrypt password checking vulnerability
The Bouncy Castle team reports: The OpenBSDBCrypt.checkPassword utility method compared incorrect data when checking the password, allowing incorrect passwords to indicate they were matching with previously hashed ones that were different...
EulerOS 2.0 SP8 : dpdk (EulerOS-SA-2020-2308)
According to the versions of the dpdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An integer underflow in dpdk versions before 18.11.10 and before 19.11.5 in the movedesc function can lead to large amounts of CPU cycles being...
Apple has multiple product access control error vulnerabilities
Apple iOS and Apple watchOS are both products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple watchOS is an operating system for smartwatches. A security vulnerability exists in several Apple products that stems from insufficient checking of vulnerable code,...
CVE-2020-9866
A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra. A buffer overflow may result in arbitrary code execution...
Cross site scripting
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave, iOS 14.0 and iPadOS 14.0. Processing a maliciously crafted USD file may lead to unexpected application terminati...
Buffer overflow
A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra. A buffer overflow may result in arbitrary code execution...
CVE-2020-9866
CVE-2020-9866 is a memory-corruption vulnerability (buffer overflow) in Apple macOS CoreAudio/CoreFoundation stack that could allow arbitrary code execution. Apple states the issue was addressed with improved bounds- and input-validation, fixed in macOS Catalina 10.15.6 and in Security Update 202...
CVE-2019-8840
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Xcode 11.3. Compiling with untrusted sources may lead to arbitrary code execution with user privileges...
CVE-2019-8842
A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. In certain configurations, a remote attacker may be able to submit arbitrary print jobs...