Microsoft Windows/Windows Server Information Disclosure Vulnerability (CNVD-2021-63302)

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation USA.Microsoft Windows is a set of operating systems for personal devices.Microsoft Windows Server is a set of server operating systems. Microsoft Windows/Windows Server Win32k has an information disclosure...

PT-2020-11851 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 11.0.1 Description: A logic issue was addressed with improved state management, allowing a malicious application to potentially determine kernel memory layout. Recommendations: For versions prior to 11.0.1, update to...

PT-2020-20904 · Apple · Macos Catalina +7

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 11.0.1 tvOS versions prior to 14.0 macOS Big Sur versions prior to 11.1 macOS Catalina versions prior to Security Update 2020-001 macOS Mojave versions prior to Security Update 2020-007 watchOS versions prior to 7.0 iO...

kernel: information leak bug caused by a malicious USB device in the drivers/media/usb/ttusb-dec/ttusb_dec.c

An information leak flaw was found in the Linux kernel's USB digital video device driver. An attacker with a malicious USB device presenting itself as a 'Technotrend/Hauppauge USB DEC' device is able to issue commands to this specific device and leak kernel internal memory information. The highes...

Buffer Overflow Vulnerability in Multiple Apple Products (CNVD-2020-61634)

Apple iOS is an operating system developed for mobile devices.Apple tvOS is an operating system for smart TVs.Apple iPadOS is an operating system for iPad tablets.Apple iOS is an operating system for mobile devices.Apple tvOS is an operating system for smart TVs.Apple tvOS is an operating system...

Apple macOS Catalina Bluetooth Memory Corruption Vulnerability

Apple OS X is a specialized operating system developed by Apple for Mac computers. A security vulnerability exists in OS X Bluetooth, which can be exploited by a local user to cause the system to unexpectedly terminate or read kernel memory. An attacker could exploit this vulnerability to cause t...

CVE-2019-8780

The issue was addressed with improved permissions logic. This issue is fixed in iOS 13.1 and iPadOS 13.1, tvOS 13. A malicious application may be able to determine kernel memory layout...

CVE-2019-8759

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15. A local user may be able to cause unexpected system termination or read kernel memory...

CVE-2019-8744

A memory corruption issue existed in the handling of IPv6 packets. This issue was addressed with improved memory management. This issue is fixed in macOS Catalina 10.15, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iOS 13. A malicious...

CVE-2019-8547

An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, watchOS 5.2, macOS Mojave 10.14.4, Security Updat...

CVE-2018-4448

A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.1.1, watchOS 5.1.2, macOS Mojave 10.14.2, Security Update 2018-003 High Sierra, Security Update...

Cross site scripting

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15. A local user may be able to cause unexpected system termination or read kernel memory...

Memory corruption

A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.1.1, watchOS 5.1.2, macOS Mojave 10.14.2, Security Update 2018-003 High Sierra, Security Update...

CVE-2019-8759

CVE-2019-8759 is an out-of-bounds read in Apple’s IOGraphics component on macOS Catalina 10.15 and earlier. A local attacker could terminate the system or read kernel memory. The issue is fixed in macOS Catalina 10.15.1 and Security Updates 2019-001/2019-006. Affected/docs references include Appl...

CVE-2019-8759

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15. A local user may be able to cause unexpected system termination or read kernel memory...

CVE-2019-8744

A memory corruption issue existed in the handling of IPv6 packets. This issue was addressed with improved memory management. This issue is fixed in macOS Catalina 10.15, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iOS 13. A malicious...

CVE-2019-8547

CVE-2019-8547 is an out-of-bounds read vulnerability that could disclose kernel memory due to improper input validation. The issue affects Apple platforms and was addressed via multiple updates: macOS Mojave 10.14.5, Security Update 2019-003 for High Sierra and Sierra, watchOS 5.2, macOS Mojave 1...

ALPINE-CVE-2020-27674

An issue was discovered in Xen through 4.14.x allowing x86 PV guest OS users to gain guest OS privileges by modifying kernel memory contents, because invalidation of TLB entries is mishandled during use of an INVLPG-like attack technique...

Design/Logic Flaw

An issue was discovered in Xen through 4.14.x allowing x86 PV guest OS users to gain guest OS privileges by modifying kernel memory contents, because invalidation of TLB entries is mishandled during use of an INVLPG-like attack technique...

CVE-2020-27674

CVE-2020-27674 is a Xen hypervisor local privilege escalation affecting Xen 4.14.x and earlier where x86 PV guests can gain guest OS privileges by modifying kernel memory contents due to mishandled invalidation of TLB entries in an INVLPG-like attack. The issue enables a local attacker to escalat...