The vulnerability of the PDFium rendering mechanism in Google Chrome browsers, related to memory usage after deallocation, allows attackers to compromise the integrity of the protected information.

The vulnerability of the PDFium rendering mechanism in the Google Chrome browser relates to the use of memory after deallocation. Exploiting this vulnerability allows an attacker to compromise the integrity of protected information by using a specially created PDF file...

Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-3931-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3931-1 advisory. M. Vefa Bicakci and Andy Lutomirski discovered that the kernel did not properly set up all arguments to an error handler callback used when running as a...

USN-3931-2: Linux kernel (HWE) vulnerabilities

USN-3931-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS and for the Linux Azure kernel for Ubuntu 14.04 LTS. M. Vefa Bicakci and Andy Lutomirsk...

The vulnerability of the QXMLStreamReader function in the QXmlStream component of the cross-platform software development framework for Qt allows a perpetrator to cause a system failure or gain unauthorized access to information.

The vulnerability of the QXMLStreamReader function in the QXmlStream component of the cross-platform software development framework for Qt is related to double memory deallocation. Exploiting this vulnerability can allow an attacker to cause service failures or gain unauthorized access to...

The vulnerability of the WebRTC technology implementation in Google Chrome web browsers allows a hacker to induce a service failure.

The vulnerability of the WebRTC technology implemented in Google Chrome browser is related to the use of memory after deallocation. Exploiting this vulnerability allows a remote attacker to cause a service failure through a specially created HTML page...

SALT - SLUB ALlocator Tracer For The Linux Kernel

Welcome to salt , a tool to reverse and learn kernel heap memory management. It can be useful to develop an exploit, to debug your own kernel code, and, more importantly, to play with the kernel heap allocations and learn its inner workings. This tool helps tracing allocations and the current sta...

macOS < 10.14.3 / iOS < 12.1.3 XNU - vm_map_copy Optimization which Requires Atomicity isn&#0

/ vmmapcopyininternal in vmmap.c converts a region of a vmmap into "copied in" form, constructing a vmmapcopy structure representing the copied memory which can then be mapped into another vmmap or the same one. The function contains a while loop which walks through each of the vmmapentry...

macOS &lt; 10.14.3 / iOS &lt; 12.1.3 XNU - &#039;vm_map_copy&#039; Optimization which Requires Atomicity isn&#039;t Atomic

/ vmmapcopyininternal in vmmap.c converts a region of a vmmap into "copied in" form, constructing a vmmapcopy structure representing the copied memory which can then be mapped into another vmmap or the same one. The function contains a while loop which walks through each of the vmmapentry...

macOS 10.14.3 iOS 12.1.3 XNU - vm_map_copy Optimization which Requires Atomicity isnt Atomic

macOS 10.14.3 iOS 12.1.3 XNU - vmmapcopy Optimization which Requires Atomicity isnt Atomic / vmmapcopyininternal in vmmap.c converts a region of a vmmap into "copied in" form, constructing a vmmapcopy structure representing the copied memory which can then be mapped into another vmmap or the same...

The vulnerability in the implementation of the WebSockets technology in Mozilla Firefox, Firefox ESR, and the Thunderbird email client allows a attacker to trigger a service failure.

The vulnerability in the implementation of the WebSockets technology in Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the use of memory after deallocation. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

The vulnerability in the implementation of TLS 1.2 in Mozilla Firefox, Firefox ESR, and the email client Thunderbird allows a perpetrator to induce a service failure.

The vulnerability in the implementation of TLS 1.2 in Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the use of memory after deallocation. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the use of memory after deallocation, allowing an attacker to cause a service failure.

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the use of memory after freeing resources during manipulation of ARIA elements in DOM containers. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the use of memory after deallocation, allowing an attacker to cause a service failure.

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the use of memory after deallocation, when changing the size of image objects in the developer mode. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

Cisco Wireless LAN Controller Simple Network Management Protocol Memory Leak Denial of Service Vulnerability

A vulnerability in the Simple Network Management Protocol SNMP subsystem of Cisco Wireless LAN Controllers could allow an authenticated, remote attacker to cause an affected device to restart, resulting in a denial of service DoS condition. The vulnerability is due to a memory leak that occurs on...

Ubuntu: Security Advisory (USN-3322-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS / 16.04 LTS : Exim vulnerability (USN-3322-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3322-1 advisory. It was discovered that Exim did not properly deallocate memory when processing certain command line arguments. A local attacker could use this in...

USN-3322-1 exim4 vulnerability

It was discovered that Exim did not properly deallocate memory when processing certain command line arguments. A local attacker could use this in conjunction with a vulnerability in the underlying kernel to possibly execute arbitrary code and gain administrative privileges...

X (Formerly Twitter): Full Path Disclosure at 27.prd.vine.co

27.prd.vine.co had DNS pointing to an EC2 instance which had a path disclosure. The EC2 instance was previously owned by Vine but had been deallocated and later re-allocated to a new Amazon customer...

The vulnerability of the Internet Explorer browser, which allows a malicious individual to execute arbitrary code or trigger a service failure.

The Internet Explorer browser contains a vulnerability related to memory usage after deallocation of objects of the ClayoutBlock class. Exploiting this vulnerability allows malicious actors, operating remotely, to execute arbitrary code or cause service failures due to insufficient validation of...

The vulnerability of Google Chrome browser allows a malicious actor to trigger a service failure.

The Google Chrome browser contains a vulnerability related to memory reuse after deallocation use-after-free error in the browser/ui/views/speechrecognitionbubbleviews.cc file. Exploiting this vulnerability allows malicious actors to remotely cause system failures or other adverse effects through...