Improper access control

NIP6800;Secospace USG6600;USG9500 products versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have a invalid pointer access vulnerability. The software system access an invalid pointer when operator logs in to the device and performs some operations. Successful exploit could cause...

CVE-2020-1877

NIP6800;Secospace USG6600;USG9500 with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an invalid pointer access vulnerability. The software system access an invalid pointer when administrator log in to the device and performs some operations. Successful exploit could cause...

CVE-2020-1877

CVE-2020-1877 involves Huawei NIP6800, Secospace USG6600 and USG9500 devices. Affected versions include V500R001C30; V500R001C60SPC500; V500R005C00SPC100. The root cause is an invalid pointer access when an administrator logs in and performs operations, which can cause certain processes to reboot...

CVE-2020-1874

NIP6800;Secospace USG6600;USG9500 products versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have a invalid pointer access vulnerability. The software system access an invalid pointer when operator logs in to the device and performs some operations. Successful exploit could cause...

Huawei NIP6800, Secospace USG6600 and USG9500 Invalid Pointer Access Vulnerability (CNVD-2020-22003)

Huawei USG9500 and others are products of Huawei, China.USG9500 is a data center firewall product.NIP6800 is an intrusion prevention system.USG6600 is a data center firewall product. An invalid pointer access vulnerability exists in the Huawei NIP6800, Secospace USG6600, and USG9500, which can be...

Security Advisory - Invalid Pointer Access Vulnerability in Some Huawei Products

There is an invalid pointer access vulnerability in some products. The software system access an invalid pointer when administrator log in to the device and performs some operations. Successful exploit could cause certain process reboot. Vulnerability ID: HWPSIRT-2019-12412 This vulnerability has...

RHEL 6 : chromium-browser (RHSA-2020:0514)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:0514 advisory. Chromium is an open-source web browser, powered by WebKit Blink. This update upgrades Chromium to version 80.0.3987.87. Security Fixes:...

Updated sqlite3 packages fix security vulnerabilities

Updated sqlite3 packages fix security vulnerabilities: An out of bounds write flaw CVE-2019-13734, insufficient data validation flaw CVE-2019-13750, uninitialized use flaw CVE-2019-13751, and out of bounds read flaws CVE-2019-13752, CVE-2019-13753 in SQLite before 3.31.0. It was discovered that...

MGASA-2020-0070 Updated sqlite3 packages fix security vulnerabilities

Updated sqlite3 packages fix security vulnerabilities: An out of bounds write flaw CVE-2019-13734, insufficient data validation flaw CVE-2019-13750, uninitialized use flaw CVE-2019-13751, and out of bounds read flaws CVE-2019-13752, CVE-2019-13753 in SQLite before 3.31.0. It was discovered that...

CVE-2019-10561

The CVE-2019-10561 entry concerns Snapdragon components (Auto/Compute/Connectivity, etc.) where improper initialization of local variables that are parameters to the sfs API can cause an invalid pointer dereference, leading to a Denial of Service. Affected families include numerous Snapdragon SoC...

CVE-2019-19820

An invalid pointer vulnerability in IOCTL Handling in the kyrld.sys driver in Kyrol Internet Security 9.0.6.9 allows an attacker to achieve privilege escalation, denial-of-service, and code execution via usermode because 0x9C402405 using METHODNEITHER results in a read primitive...

GNU LibreDWG Invalid Pointer Dereference Vulnerability

LibreDWG is a free C library for reading and writing DWG files. An invalid pointer dereference vulnerability exists in dwgdynapientityvalue in dynapi.c in LibreDWG 0.9.3.2564. An attacker can exploit this vulnerability to cause a denial of service...

CVE-2020-6615

GNU LibreDWG 0.9.3.2564 has an invalid pointer dereference in dwgdynapientityvalue in dynapi.c dynapi.c is generated by gen-dynapi.pl...

CVE-2020-6615

GNU LibreDWG 0.9.3.2564 has an invalid pointer dereference in dwgdynapientityvalue in dynapi.c dynapi.c is generated by gen-dynapi.pl...

Null pointer dereference

GNU LibreDWG 0.9.3.2564 has an invalid pointer dereference in dwgdynapientityvalue in dynapi.c dynapi.c is generated by gen-dynapi.pl...

CVE-2020-6615

CVE-2020-6615 affects GNU LibreDWG 0.9.3.2564, with an invalid pointer dereference in dwg_dynapi_entity_value (dynapi.c generated by gen-dynapi.pl). Connected sources tie this CVE to libredwg updates fixing multiple issues in version 0.10, and openSUSE/SUSE advisories list it among 7 vulnerabilit...

CVE-2020-6615

GNU LibreDWG 0.9.3.2564 has an invalid pointer dereference in dwgdynapientityvalue in dynapi.c dynapi.c is generated by gen-dynapi.pl...

CVE-2019-20170

An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is an invalid pointer dereference in the function GFIPMPXAUTHDelete in odf/ipmpxcode.c...

DEBIAN-CVE-2019-20170

An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is an invalid pointer dereference in the function GFIPMPXAUTHDelete in odf/ipmpxcode.c...

CVE-2019-20170

GPAC version 0.8.0 and 0.9.0-development-20191109 contains an invalid pointer dereference in GF_IPMPX_AUTH_Delete() (odf/ipmpx_code.c). The connected advisories (e.g., Debian DLA-2072, MGASA, OpenVAS/Nessus entries) corroborate CVE-2019-20170, but no explicit impact or remediation details are pro...