673 matches found
Trend Micro Password Manager Integer Truncation Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Password Manager. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Tre...
Trend Micro Password Manager 输入验证错误漏洞
Trend Micro Password Manager is a secure password management solution from Trend Micro. runc is a CLI Command Line Interface tool for generating and running containers according to the OCI specification. An input validation error vulnerability exists in Trend Micro Password Manager that stems fro...
SUSE: Security Advisory (SUSE-SU-2020:1335-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PT-2021-6775 · Unknown · Gpac Project On Advanced Content Library
Name of the Vulnerable Software and Affected Versions: GPAC Project on Advanced Content library version 1.0.1 Description: An exploitable integer truncation issue exists within the MPEG-4 decoding functionality. A specially crafted MPEG-4 input can cause improper memory allocation, resulting in a...
Oracle VirtualBox VMSVGA Numeric Truncation Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...
SUSE: Security Advisory (SUSE-SU-2020:1552-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:1430-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
dpdk: librte_vhost Integer truncation in vhost_user_check_and_alloc_queue_pair()
A memory corruption issue was found in DPDK versions 17.05 and above. This flaw is caused by an integer truncation on the index of a payload. Under certain circumstances, the index a UInt is copied and truncated into a uint16, which can lead to out of bound indexing and possible memory corruption...
Updated glib2.0 packages fix security vulnerabilities
Fix various instances within GLib where gmemdup was vulnerable to a silent integer truncation and heap overflow problem discovered by Kevin Backhouse, work by Philip Withnall 2319 Fix some issues with handling over-long invalid input when parsing for GDate !1824 Don't load GIO modules or parse...
MGASA-2021-0123 Updated glib2.0 packages fix security vulnerabilities
Fix various instances within GLib where gmemdup was vulnerable to a silent integer truncation and heap overflow problem discovered by Kevin Backhouse, work by Philip Withnall 2319 Fix some issues with handling over-long invalid input when parsing for GDate !1824 Don't load GIO modules or parse...
EulerOS Virtualization 2.9.0 : edk2 (EulerOS-SA-2021-1668)
According to the versions of the edk2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - EFI Development Kit II AARCH64 UEFI FirmwareSecurity Fixes:AuthenticodeVerify calls OpenSSLs d2iPKCS7 API to parse asn encoded signe...
EulerOS Virtualization 2.9.1 : edk2 (EulerOS-SA-2021-1633)
According to the versions of the edk2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - EFI Development Kit II AARCH64 UEFI FirmwareSecurity Fixes:AuthenticodeVerify calls OpenSSLs d2iPKCS7 API to parse asn encoded signe...
CentOS 8 : dpdk (CESA-2020:4806)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:4806 advisory. - dpdk: librtevhost Integer overflow in vhostusersetlogbase CVE-2020-10722 - dpdk: librtevhost Integer truncation in vhostusercheckandallocqueuepair...
CentOS 8 : freetype (CESA-2020:4952)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2020:4952 advisory. - freetype: Heap-based buffer overflow due to integer truncation in LoadSBitPng CVE-2020-15999 Note that Nessus has not tested for this issue but has instead...
Exploit for Improper Access Control in Xen
kernelexploitfactory Keep updating...... Linux kernel CVE exploit analysis report and relative debug environment. You don't need to compile Linux kernel and configure your environment anymore. This repository is to extract all Linux kernel exploit and relative debug environment. The test is on...
Updated edk2 packages fix multiples security vulnerabilities
Improper configuration in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access. CVE-2018-12179. Insufficient memory write check in SMM service for EDK II may allow an authenticated...
CVE-2020-35926
An issue was discovered in the nanorand crate before 0.5.1 for Rust. It caused any random number generator even ChaCha to return all zeroes because integer truncation was mishandled...
CVE-2020-35926
An issue was discovered in the nanorand crate before 0.5.1 for Rust. It caused any random number generator even ChaCha to return all zeroes because integer truncation was mishandled...
CVE-2020-35926
An issue was discovered in the nanorand crate before 0.5.1 for Rust. It caused any random number generator even ChaCha to return all zeroes because integer truncation was mishandled...
CVE-2020-35926
CVE-2020-35926 concerns the nanorand crate for Rust prior to 0.5.1, where random number generators (including ChaCha) could return all zeroes due to integer truncation. This affects RNG implementations for standard unsigned integers and arises from using bit-shifting instead of a direct cast, per...