CVE-2025-65832

The mobile application insecurely handles information stored within memory. By performing a memory dump on the application after a user has logged out and terminated it, Wi-Fi credentials sent during the pairing process, JWTs used for authentication, and other sensitive details can be retrieved. ...

PT-2025-50540

Name of the Vulnerable Software and Affected Versions Meatmeet affected versions not specified Description The mobile application improperly manages sensitive information stored in memory. A memory dump of the application, following user logout and termination, can reveal Wi-Fi credentials...

EUVD-2022-36790

Malicious code in bioql PyPI...

The vulnerability of the Universal Plug and Play (UPnP) service in Windows operating systems allows attackers to enhance their privileges.

The vulnerability of the Universal Plug and Play UPnP service in Windows operating systems is related to the use of insecure mechanisms for processing authentication data in the operating system’s memory. Exploiting this vulnerability can allow a remote attacker to increase their privileges...

The vulnerability of Remote Desktop Services (RDS) for Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of Remote Desktop Services RDS for Windows operating systems lies in the use of insecure mechanisms for processing authentication data in the operating system’s memory. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

PT-2024-9468 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The vulnerability in the Windows Local Security Authority Subsystem Service LSASS is related to the use of insecure mechanisms for handling authentication data in the operating system's...

PT-2024-6783 · Microsoft · Windows Ancillary Function Driver For Winsock +1

Name of the Vulnerable Software and Affected Versions: Windows Ancillary Function Driver for WinSock affected versions not specified Description: The issue is related to the use of insecure mechanisms for handling authentication data in the operating system's memory. This could allow an attacker ...

PT-2024-4622 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Microsoft Windows affected versions not specified Description: The issue is related to the use of insecure mechanisms for handling authentication data in the operating system's memory. It allows an attacker to elevate their privileges...

OpenConnect Security Vulnerability

OpenConnect is an open source application for connecting to virtual private networks. A security vulnerability exists in OpenConnect 7.08 and earlier versions, which stems from credentials and session cookie information being stored insecurely in memory, which can be scanned and credentials...

CVE-2022-33751

CA Automic Automation 12.2 and 12.3 contain an insecure memory handling vulnerability in the Automic agent that could allow a remote attacker to potentially access sensitive data...

CVE-2022-33751

CA Automic Automation 12.2 and 12.3 contain an insecure memory handling vulnerability in the Automic agent that could allow a remote attacker to potentially access sensitive data...

CVE-2022-33751

CA Automic Automation 12.2 and 12.3 contain an insecure memory handling vulnerability in the Automic agent that could allow a remote attacker to potentially access sensitive data...

Broadcom CA Automic Automation 安全漏洞

Broadcom CA Automic Automation is an automation product from Broadcom, Inc. It provides a service orchestration and automation platform to automate complex applications, platforms, and technology environments. A security vulnerability exists in Broadcom CA Automic Automation versions 12.2 and 12....

PT-2022-21862 · Ca · Ca Automic Automation

Name of the Vulnerable Software and Affected Versions: CA Automic Automation versions 12.2 through 12.3 Description: The issue is related to insecure memory handling in the Automic agent, which could allow a remote attacker to potentially access sensitive data. Recommendations: For CA Automic...

CVE-2021-37976

Inappropriate implementation in Memory in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

CVE-2019-14874

In the i2b function of the newlib libc library, all versions prior to 3.3.0 see newlib/libc/stdlib/mprec.c, Balloc is used to allocate a big integer, however no check is performed to verify if the allocation succeeded or not. The access of x0 will trigger a null pointer dereference bug in case of...

CVE-2019-14878

In the d2b function of the newlib libc library, all versions prior to 3.3.0 see newlib/libc/stdlib/mprec.c, Balloc is used to allocate a big integer, however no check is performed to verify if the allocation succeeded or not. Accessing x will trigger a null pointer dereference bug in case of a...

CVE-2018-17155

In FreeBSD before 11.2-STABLEr338983, 11.2-RELEASE-p4, 11.1-RELEASE-p15, 10.4-STABLEr338984, and 10.4-RELEASE-p13, due to insufficient initialization of memory copied to userland in the getcontext and swapcontext system calls, small amounts of kernel memory may be disclosed to userland processes...

FreeBSD 10.3 / 10.4 : shm Insecure Memory Vulnerability (FreeBSD-SA-17:09.shm)

The version of the FreeBSD kernel running on the remote host is prior to 10.3-RELEASE-p24, or 10.4 prior to 10.4-RELEASE-p3. It is, therefore, affected by a potential information disclosure vulnerabilities in shm. An authenticated, remote attacker can exploit this issue by accessing the shared...

CVE-2017-7742

In libsndfile before 1.0.28, an error in the "flacbuffercopy" function flac.c can be exploited to cause a segmentation violation with read memory access via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585...