usrsctp: Out of bounds reads in sctp_load_addresses_from_init()

The Mozilla Foundation Security Advisory describes this flaw as: The inputs to sctploadaddressesfrominit are verified by sctparethereunrecognizedparameters; however, the two functions handled parameter bounds differently, resulting in out of bounds reads when parameters are partially outside a...

Foxit Studio Photo PSD File Parsing Uninitialized Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

CVE-2020-0506

Improper initialization in IntelR Graphics Drivers before versions 15.40.44.5107, 15.45.29.5077, and 26.20.100.7000 may allow a privileged user to potentially enable a denial of service via local access...

Input validation

Improper initialization in IntelR Graphics Drivers before versions 15.40.44.5107, 15.45.29.5077, and 26.20.100.7000 may allow a privileged user to potentially enable a denial of service via local access...

CVE-2020-0506

Improper initialization in IntelR Graphics Drivers before versions 15.40.44.5107, 15.45.29.5077, and 26.20.100.7000 may allow a privileged user to potentially enable a denial of service via local access...

CVE-2020-0506

Improper initialization in IntelR Graphics Drivers before versions 15.40.44.5107, 15.45.29.5077, and 26.20.100.7000 may allow a privileged user to potentially enable a denial of service via local access...

CVE-2019-14015

A stack-based buffer overflow exists in the initialization of the identification stage due to lack of check on the number of templates provided. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice...

Stack overflow

A stack-based buffer overflow exists in the initialization of the identification stage due to lack of check on the number of templates provided. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice...

CVE-2019-14015

A stack-based buffer overflow exists in the initialization of the identification stage due to lack of check on the number of templates provided. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice...

CVE-2020-5536

OpenBlocks IoT VX2 prior to Ver.4.0.0 Ver.3 Series allows an attacker on the same network segment to bypass authentication and to initialize the device via unspecified vectors...

Authentication flaw

OpenBlocks IoT VX2 prior to Ver.4.0.0 Ver.3 Series allows an attacker on the same network segment to bypass authentication and to initialize the device via unspecified vectors...

CVE-2020-5536

OpenBlocks IoT VX2 prior to Ver.4.0.0 (Ver.3 Series) contains an authentication bypass vulnerability (CVE-2020-5536) due to improper authentication. An attacker on the same network segment may bypass authentication and initialize the device via unspecified vectors. Affected firmware: VX2 before 4...

CVE-2020-1792

Honor V10 smartphones with versions earlier than BKL-AL20 10.0.0.156C00E156R2P4 and versions earlier than BKL-L09 10.0.0.146C432E4R1P4 have an out of bounds write vulnerability. The software writes data past the end of the intended buffer because of insufficient validation of certain parameter wh...

CVE-2020-3872

A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to read restricted memory...

CVE-2020-3872

A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to read restricted memory...

DBPower C300 HD Camera - Remote Configuration Disclosure Exploit

Exploit for hardware platform in category web applications Exploit Title: DBPower C300 HD Camera - Remote Configuration Disclosure Author: Todor Donev Vendor: https://donev.eu/ CVE: N/A Copyright 2020 c Todor Donev https://donev.eu/ https://donev.eu/blog/dbpower-c300-multiple-vulnerabilities...

CVE-2019-15875

In FreeBSD 12.1-STABLE before r354734, 12.1-RELEASE before 12.1-RELEASE-p2, 12.0-RELEASE before 12.0-RELEASE-p13, 11.3-STABLE before r354735, and 11.3-RELEASE before 11.3-RELEASE-p6, due to incorrect initialization of a stack data structure, core dump files may contain up to 20 bytes of kernel da...

CVE-2019-15875

In FreeBSD 12.1-STABLE before r354734, 12.1-RELEASE before 12.1-RELEASE-p2, 12.0-RELEASE before 12.0-RELEASE-p13, 11.3-STABLE before r354735, and 11.3-RELEASE before 11.3-RELEASE-p6, due to incorrect initialization of a stack data structure, core dump files may contain up to 20 bytes of kernel da...

Intel SGX SDK Elevation of Privilege Vulnerability

Intel SGX SDK is a set of software development kits based on SGX Intel Software Security Extensions technology from the U.S. company Intel Intel. A security vulnerability exists in versions of Intel SGX SDK prior to v2.6.100.1, which originates from an incorrect initialization of the program. A...

CVE-2020-0561

Improper initialization in the IntelR SGX SDK before v2.6.100.1 may allow an authenticated user to potentially enable escalation of privilege via local access...