FreeBSD : FreeBSD -- Insufficient ixl(4) ioctl(2) privilege checking (b2b83761-6a09-11ea-92ab-00163e433440)
The driver-specific ioctl(2) command handlers in ixl(4) failed to check whether the caller has sufficient privileges to perform the corresponding operation. Impact: The ixl(4) handler permits unprivileged users to trigger updates to the device's non-volatile memory (NVM)...
FreeBSD : FreeBSD -- Insufficient oce(4) ioctl(2) privilege checking (3c10ccdf-6a09-11ea-92ab-00163e433440)
The driver-specific ioctl(2) command handlers in oce(4) failed to check whether the caller has sufficient privileges to perform the corresponding operation. Impact: The oce(4) handler permits unprivileged users to send passthrough commands to device firmware...
CVE-2019-14872
The _dtoa_r function of the newlib libc library, prior to version 3.3.0, performs multiple memory allocations without checking their return value. This could result in NULL pointer dereference...
FreeBSD-SA-20:06.if_ixl_ioctl
FreeBSD-SA-20:06.if_ixl_ioctl Security Advisory, The FreeBSD Project. Topic: Insufficient ixl(4) ioctl(2) privilege checking. Category: core. Module: ixl(4). Announced: 2020-03-19...
FreeBSD-SA-20:05.if_oce_ioctl
FreeBSD-SA-20:05.if_oce_ioctl Security Advisory, The FreeBSD Project. Topic: Insufficient oce(4) ioctl(2) privilege checking. Category: core. Module: oce(4). Announced: 2020-03-19...
FreeBSD -- Insufficient oce(4) ioctl(2) privilege checking
Problem Description: The driver-specific ioctl(2) command handlers in oce(4) failed to check whether the caller has sufficient privileges to perform the corresponding operation. Impact: The oce(4) handler permits unprivileged users to send passthrough commands to device firmware...
FreeBSD -- Insufficient ixl(4) ioctl(2) privilege checking
Problem Description: The driver-specific ioctl(2) command handlers in ixl(4) failed to check whether the caller has sufficient privileges to perform the corresponding operation. Impact: The ixl(4) handler permits unprivileged users to trigger updates to the device's non-volatile memory (NVM)...
Security Advisory - Improper Integrity Checking Vulnerability on some Huawei Products
There is an improper integrity checking vulnerability on some Huawei products. The software of the affected product has an improper integrity check which may allow an attacker with high privilege to make malicious modifications. Vulnerability ID: HWPSIRT-2019-10070 This vulnerability has been...
Intel(R) Graphics Driver Improper Conditional Checking Vulnerability
Intel(R) Graphics Driver is a graphics card driver from Intel. A security vulnerability exists in Intel(R) Graphics Driver. An attacker could exploit the vulnerability to obtain sensitive information and cause a denial of service...
Data Modem Buffer Overflow Vulnerability in Multiple Qualcomm Products (CNVD-2020-20200)
The Qualcomm MDM9206 and others are products of Qualcomm Incorporated, U.S.A. The MDM9206 is a central processing unit (CPU) product. The SDX24 is a modem. The APQ8017 is a central processing unit (CPU) product. A buffer overflow vulnerability exists in Data Modem in multiple Qualcomm products, which i...
CVE-2020-3829
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to gain elevated privileges...
CVE-2020-3840
An off by one issue existed in the handling of racoon configuration files. This issue was addressed through improved bounds checking. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1. Loading a maliciously crafted racoon configuration file may lead to...
Cross site scripting
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to gain elevated privileges...
Design/Logic Flaw
An off by one issue existed in the handling of racoon configuration files. This issue was addressed through improved bounds checking. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1. Loading a maliciously crafted racoon configuration file may lead to...
CVE-2020-3840
An off by one issue existed in the handling of racoon configuration files. This issue was addressed through improved bounds checking. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1. Loading a maliciously crafted racoon configuration file may lead to...
CVE-2020-3829
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to gain elevated privileges...
CVE-2020-3829
CVE-2020-3829 corresponds to an out-of-bounds read fixed by Apple across multiple platforms. The Apple advisories show the vulnerability contributing to elevated-privilege risk, and it is mitigated by these updates: iOS 13.3.1, iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, and watchOS 6.1.2. In the ...
CVE-2020-3840
CVE-2020-3840 describes an off-by-one error in the handling of racoon configuration files within IPSec-related components. The underlying issue arises from improper bounds checking, which could allow a maliciously crafted racoon config to trigger arbitrary code execution. Apple and Red Hat record...
VMware OpenSLP Heap Buffer Overflow (CVE-2019-5544; CVE-2021-21974)
A heap buffer overflow vulnerability exists in OpenSLP. The vulnerability is due to improperly checking the bounds of a buffer before copying data to it. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted request to the OpenSLP service on port 427...
Authentication flaw
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-2610 Firmware v2.01RC067 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of passwords. The issue results from t...