CVE-2020-6835

An issue was discovered in Bftpd before 5.4. There is a heap-based off-by-one error during file-transfer error checking...

CVE-2020-6835

CVE-2020-6835 affects Bftpd before 5.4. The vulnerability is a heap-based off-by-one error during file-transfer error checking. The NVD entry lists CVSS v2 base 7.5 (high) and CVSS v3.1 base 9.8 (critical) with Network attack vector, no user interaction required. Red Hat and OpenVAS references re...

AIX 7.2 TL 2 : tcpdump (IJ20784)

https://vulners.com/cve/CVE-2018-14467 https://vulners.com/cve/CVE-2018-14467 The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgpcapabilitiesprint BGPCAPCODEMP. The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrpprint. The LMP parser in...

AIX 7.1 TL 5 : tcpdump (IJ20783)

https://vulners.com/cve/CVE-2018-14467 https://vulners.com/cve/CVE-2018-14467 The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgpcapabilitiesprint BGPCAPCODEMP. The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrpprint. The LMP parser in...

kind-of injection vulnerability

kind-of is a JavaScript type checking package. An injection vulnerability exists in the 'ctorName' function of the index.js file in kind-of version v6.0.2, which can be exploited by an attacker to override internal attributes and manipulate the results of type checking...

CVE-2018-16276

An out-of-bounds access issue was discovered in yurexread in drivers/usb/misc/yurex.c in the Linux kernel. A local attacker could use user access read/writes with incorrect bounds checking in the yurex USB driver to crash the kernel or potentially escalate privileges...

NewStart CGSL CORE 5.05 / MAIN 5.05 : ovmf Multiple Vulnerabilities (NS-SA-2019-0239)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has ovmf packages installed that are affected by multiple vulnerabilities: - Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or denial of service vi...

UPX Heap Buffer Overflow Vulnerability

UPX is a portable and extensible executable compression program. A buffer overflow vulnerability exists in the 'canUnpack' function of the pmach.cpp file in UPX version 3.95. The vulnerability stems from a networked system or product performing operations in memory without properly validating dat...

CVE-2019-5272

USG9500 with versions of V500R001C30;V500R001C60 have a missing integrity checking vulnerability. The software of the affected products does not check the integrity which may allow an attacker with high privilege to make malicious modifications without detection...

Design/Logic Flaw

USG9500 with versions of V500R001C30;V500R001C60 have a missing integrity checking vulnerability. The software of the affected products does not check the integrity which may allow an attacker with high privilege to make malicious modifications without detection...

CVE-2019-5272

CVE-2019-5272 affects Huawei USG9500, specifically V500R001C30 and V500R001C60, due to a missing integrity checking mechanism. The root cause is lack of integrity verification, which may permit a high-privilege attacker to apply undetected malicious modifications. The primary vendor advisory (Hua...

Security Advisory - Missing Integrity Checking Vulnerability on Some Huawei Products

There is a missing integrity checking vulnerability on some Huawei products. The software of the affected products does not check the integrity which may allow an attacker with high privilege to make malicious modifications without detection. Vulnerability ID: HWPSIRT-2019-01085 This vulnerabilit...

CVE-2019-11045 DirectoryIterator class silently truncates after a null byte

In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP DirectoryIterator class accepts filenames with embedded \0 byte and treats them as terminating at that byte. This could lead to security vulnerabilities, e.g. in applications checking paths that the code is allowed to access...

CVE-2019-8576

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A local user may be able to cause unexpected system termination or read kernel memory...

CVE-2019-8576

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A local user may be able to cause unexpected system termination or read kernel memory...

CVE-2019-8560

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A malicious application may be able to read restricted memory...

CVE-2019-8542

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. A malicious application may be able to elevate privileges...

CVE-2019-8542

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. A malicious application may be able to elevate privileges...

CVE-2019-8517

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. Processing a maliciously crafted font may result in the disclosure of process memory...

CVE-2019-8517

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. Processing a maliciously crafted font may result in the disclosure of process memory...