8712 matches found
Input validation
Improper initialization in subsystem for IntelR CSME versions before12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, IntelR TXE versions before 4.0.30 IntelR SPS versions before E305.01.04.200 may allow a privileged user to potentially enable escalation of privilege via local access...
Default configuration
Insecure default initialization of resource in IntelR Boot Guard in IntelR CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, IntelR TXE versions before 3.1.80 and 4.0.30, IntelR SPS versions before E504.01.04.400, E304.01.04.200, SoC-X04.00.04.200...
CVE-2020-8705
Insecure default initialization of resource in IntelR Boot Guard in IntelR CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, IntelR TXE versions before 3.1.80 and 4.0.30, IntelR SPS versions before E504.01.04.400, E304.01.04.200, SoC-X04.00.04.200...
Cisco WebEx Network Recording Player ARF File Parsing Uninitialized Pointer Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco WebEx Network Recording Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...
Apple Mac OS X Security Update (HT211947)
Apple Mac OS X is prone to multiple vulnerabilities. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2020-25662
A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel's Bluetooth stack implementation handled the initialization of stack memory when handling certain AMP packets. This flaw allows a remote attacker in an adjacent range to leak small portions of stack memory on the...
CVE-2020-25662
A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel's Bluetooth stack implementation handled the initialization of stack memory when handling certain AMP packets. This flaw allows a remote attacker in an adjacent range to leak small portions of stack memory on the...
Moderate: Red Hat Security Advisory: cloud-init security, bug fix, and enhancement update
An update for cloud-init is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
SDL: heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c
SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMSADPCM in audio/SDLwave.c outside the wNumCoef loop...
SDL: heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c
SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMSADPCM in audio/SDLwave.c inside the wNumCoef loop...
Memory Initialization Vulnerability in Multiple Apple Products
Apple iOS is an operating system developed for mobile devices. apple tvOS is an operating system for Smart TVs. A security vulnerability exists in Apple iOS before 13.6, iPadOS before 13.6, tvOS before 13.4.8, watchOS before 6.2.8 and macOS Catalina before 10.15.6. The vulnerability can be...
CVE-2019-8539
A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. A malicious application may be able to execute arbitrary code with system privileges...
CVE-2018-4448
A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.1.1, watchOS 5.1.2, macOS Mojave 10.14.2, Security Update 2018-003 High Sierra, Security Update...
CVE-2019-8539
CVE-2019-8539 is a memory initialization issue in Apple Disk Management that could allow a malicious application to execute arbitrary code with system privileges on macOS. Public details in connected sources indicate the vulnerability affects macOS Mojave (Disk Management component) and was addre...
CVE-2018-4448
CVE-2018-4448 is a kernel memory initialization issue resolved by Apple across multiple OS lines. The root cause was a memory handling flaw that could allow a local attacker to read kernel memory. Affected products include macOS (Sierra/High Sierra/Mojave families), iOS, watchOS, and tvOS. The fi...
LSN-0073-1: Kernel Live Patch Security Notice
Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-12351 Andy Nguyen discovered that the...
CVE-2020-9863
A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. An application may be able to execute arbitrary code with kernel privileges...
CVE-2020-9863
A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. An application may be able to execute arbitrary code with kernel privileges...
CVE-2020-9863
CVE-2020-9863 affects Apple platforms (iOS 13.6/iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8). Description: a memory initialization issue was fixed via improved memory handling; impact: an application may execute arbitrary code with kernel privileges. Mitigation: apply the Appl...
Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2020-2200)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...