90 matches found
Qualcomm Chip Buffer Error Vulnerability
Qualcomm chips are chips made by Qualcomm Incorporated (USA). A chip is a way of miniaturizing circuits (primarily semiconductor devices, but also passive components, etc.), often fabricated on the surface of a semiconductor wafer. A buffer error vulnerability exists in several Qualcomm...
Contiki Buffer Overflow Vulnerability
Contiki is an open source, highly portable, networked multitasking operating system for memory-constrained systems. Contiki suffers from a buffer overflow vulnerability that stems from not performing integrity checks on the value of the urgent data pointer, allowing an attacker to corrupt memory ...
CVE-2020-17528
Out-of-bounds Write vulnerability in TCP stack of Apache NuttX incubating versions up to and including 9.1.0 and 10.0.0 allows attacker to corrupt memory by supplying arbitrary urgent data pointer offsets within TCP packets including beyond the length of the packet...
Multiple Embedded TCP/IP Buffer Error Vulnerability
Contiki is an open source, highly portable, networked multitasking operating system for memory-constrained systems. Contiki suffers from a buffer overflow vulnerability that stems from not performing integrity checks on the value of the urgent data pointer, allowing an attacker to corrupt memory ...
RUSTSEC-2020-0027 traitobject assumes the layout of fat pointers
This crate gets the data pointer from fat pointers assuming that the first element in a fat pointer is the data pointer. This is currently true, but it may change in a future Rust version, leading to memory corruption. This has been fixed in the master branch of the crate, but it has not been...
Exploit for Type Confusion in Mozilla Firefox
SpiderMonkey - CVE-2019-11707 Bug: https://bugs.chromium.org/...
Open redirect
Multiple open and close from multiple threads will lead camera driver to access destroyed session data pointer in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W,...
CVE-2017-7371
In all Android releases from CAF using the Linux kernel, a data pointer is potentially used after it has been freed when SLIMbus is turned off by Bluetooth...
oops in compat_sys_mount() when data pointer is NULL
The compat_sys_mount function in fs/compat.c in Linux kernel 2.6.20 and earlier allows local users to cause a denial of service (NULL pointer dereference and oops) by mounting a smbfs file system in compatibility mode ("mount -t smbfs")...