libvncserver: websocket decoding buffer overflow

A flaw was found in libvncserver. A heap-based buffer overflow within the websocket decoding functionality is possible, which can lead to exploitation by a malicious attacker to overwrite a function pointer. The highest threat from this vulnerability is to data confidentiality and integrity as we...

libvncserver: websocket decoding buffer overflow

A flaw was found in libvncserver. A heap-based buffer overflow within the websocket decoding functionality is possible, which can lead to exploitation by a malicious attacker to overwrite a function pointer. The highest threat from this vulnerability is to data confidentiality and integrity as we...

SUSE-SU-2020:1873-1 Security update for LibVNCServer

This update for LibVNCServer fixes the following issues: - CVE-2017-18922: Fixed an issue which could have allowed to an attacker to pre-auth overwrite a function pointer which subsequently used leading to potential remote code execution bsc1173477...

grok:grk_decompress_fuzzer: Incorrect-function-pointer-type in grk_read_header

Detailed Report: https://oss-fuzz.com/testcase?key=6269912481005568 Project: grok Fuzzing Engine: libFuzzer Fuzz Target: grkdecompressfuzzer Job Type: libfuzzerubsangrok Platform Id: linux Crash Type: Incorrect-function-pointer-type Crash Address: Crash State: grkreadheader grkdecompressfuzzer.cp...

Exploit for Type Confusion in Mozilla Firefox

SpiderMonkey - CVE-2019-11707 Bug: https://bugs.chromium.org/...

grok:grk_decompress_fuzzer: Incorrect-function-pointer-type in grk_read_header

Detailed Report: https://oss-fuzz.com/testcase?key=5709008204988416 Project: grok Fuzzing Engine: libFuzzer Fuzz Target: grkdecompressfuzzer Job Type: libfuzzerubsangrok Platform Id: linux Crash Type: Incorrect-function-pointer-type Crash Address: Crash State: grkreadheader grkdecompressfuzzer.cp...

CVE-2019-10612

UTCB object has a function pointer called by the reaper to deallocate its memory resources and this address can potentially be corrupted by stack overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure...

Stack overflow

UTCB object has a function pointer called by the reaper to deallocate its memory resources and this address can potentially be corrupted by stack overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure...

CVE-2019-10612

UTCB object has a function pointer called by the reaper to deallocate its memory resources and this address can potentially be corrupted by stack overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure...

DEBIAN-CVE-2019-17539

In FFmpeg before 4.2, avcodecopen2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other impact when there is no valid close function pointer...

UBUNTU-CVE-2019-17539

In FFmpeg before 4.2, avcodecopen2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other impact when there is no valid close function pointer...

CVE-2019-17539

In FFmpeg before 4.2, avcodecopen2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other impact when there is no valid close function pointer...

CVE-2019-17539

In FFmpeg before 4.2, avcodecopen2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other impact when there is no valid close function pointer...

grpc/api_fuzzer: Incorrect-function-pointer-type in grpc_core::AresDnsResolver::StartResolvingLocked

Project: https://github.com/grpc/grpc.git Detailed report: https://oss-fuzz.com/testcase?key=5752853455437824 Project: grpc Fuzzer: libFuzzergrpcapifuzzer Fuzz target binary: apifuzzer Job Type: libfuzzerubsangrpc Platform Id: linux Crash Type: Incorrect-function-pointer-type Crash Address: Crash...

grpc/api_fuzzer: Incorrect-function-pointer-type in grpc_core::AresDnsResolver::StartResolvingLocked

Project: https://github.com/grpc/grpc.git Detailed report: https://oss-fuzz.com/testcase?key=5635097540165632 Project: grpc Fuzzer: libFuzzergrpcapifuzzer Fuzz target binary: apifuzzer Job Type: libfuzzerubsangrpc Platform Id: linux Crash Type: Incorrect-function-pointer-type Crash Address: Crash...

grpc/api_fuzzer: Incorrect-function-pointer-type in grpc_core::AresDnsResolver::StartResolvingLocked

Project: https://github.com/grpc/grpc.git Detailed report: https://oss-fuzz.com/testcase?key=5168950411788288 Project: grpc Fuzzer: libFuzzergrpcapifuzzer Fuzz target binary: apifuzzer Job Type: libfuzzerubsangrpc Platform Id: linux Crash Type: Incorrect-function-pointer-type Crash Address: Crash...

Design/Logic Flaw

A certain crafted HTTP packet can trigger an uninitialized function pointer deference vulnerability in the Packet Forwarding Engine manager fxpc on all EX, QFX and MX Series devices in a Virtual Chassis configuration. This issue can result in a crash of the fxpc daemon or may potentially lead to...

CVE-2019-6256

A Denial of Service issue was discovered in the LIVE555 Streaming Media libraries as used in Live555 Media Server 0.93. It can cause an RTSPServer crash in handleHTTPCmdTunnelingPOST, when RTSP-over-HTTP tunneling is supported, via x-sessioncookie HTTP headers in a GET request and a POST request...

CVE-2019-6256

A Denial of Service issue was discovered in the LIVE555 Streaming Media libraries as used in Live555 Media Server 0.93. It can cause an RTSPServer crash in handleHTTPCmdTunnelingPOST, when RTSP-over-HTTP tunneling is supported, via x-sessioncookie HTTP headers in a GET request and a POST request...

CVE-2018-9538

In V4L2SliceVideoDecodeAccelerator::Dequeue of v4l2slicevideodecodeaccelerator.cc, there is a possible out of bounds read of a function pointer due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is no...