160 matches found
OSV-2020-2081 UNKNOWN READ in presym_sym2name
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26400 Crash type: UNKNOWN READ Crash state: presymsym2name sym2namelen mrbsymnamelen...
EulerOS 2.0 SP2 : dcraw (EulerOS-SA-2019-2489)
According to the version of the dcraw package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Integer overflow in the ljpegstart function in dcraw 7.00 and earlier allows remote attackers to cause a denial of service crash via a crafted image,...
ThinkAgile CP-SB (Storage Block) BMC Session Handling Vulnerability - Lenovo Support US
No description provided...
System Update Vulnerability - Lenovo Support US
No description provided...
Intel PROSet/Wireless WiFi Software Vulnerability - NL
Lenovo Security Advisory: LEN-27828 Potential Impact: Denial of service Severity: Medium Scope of Impact: Industry-wide CVE Identifier: CVE-2019-0136 Summary Description: A potential security vulnerability in Intel PROSet/Wireless WiFi Software may allow denial of service. Mitigation Strategy for...
Intel Integrated Performance Primitives (IPP) Information Disclosure - US
Lenovo Security Advisory: LEN-25662 Potential Impact: Information disclosure Severity: Moderate Scope of Impact: Industry-wide CVE Identifier: CVE-2018-12155 Summary Description: Intel has notified Lenovo of a potential security vulnerability in Intel IPP may allow data leakage in cryptographic...
Intel Integrated Performance Primitives (IPP) Information Disclosure - Lenovo Support US
No description provided...
SQL injection vulnerability in joomla! Boo*** component len***_req***_bl*** function
joomla! is an open source content management system CMS. A SQL injection vulnerability exists in the lenreqbl function of the joomla! Boo component. The vulnerability allows attackers to obtain sensitive information about the database...
EUVD-2019-19008
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exifprocessIFDinMAKERNOTE because of mishandling the datalen variable...
NVIDIA GeForce Experience Vulnerabilities - Lenovo Support US
Lenovo Security Advisory: LEN-25444 Potential Impact: Privilege escalation, information disclosure Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE‑2018‑6263, CVE‑2018‑6265, CVE‑2018‑6266 Summary Description: NVIDIA has released a software update for GeForce Experience. This upda...
Xen xen-netback xenvif_set_hash_mapping Integer Overflow Exploit
Exploit for multiple platform in category dos / poc Xen: integer overflow in xen-netback xenvifsethashmapping The xen-netback linux kernel module is the default backend for Xen's virtual network devices. Since commit 40d8abdee806d496a60ee607a6d01b1cd7fabaf0 the backend supports an additional...
NVIDIA Graphics Driver Multiple Vulnerabilities (including fixes for Intel Speculative Side Channel Vulnerabilities) - US
Lenovo Security Advisory: LEN-16730 Potential Impact: Denial of service, possible escalation of privilege, exfiltration of privileged memory Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2017-5753, CVE-2017-6266, CVE-2017-6267, CVE-2017-6268, CVE-2017-6269, CVE-2017-6270,...
Integrated Management Module 2 (IMM2) First Failure Data Capture (FFDC) Information Disclosure - US
Lenovo Security Advisory: LEN-20227 Potential Impact: Information disclosure Severity: Medium Scope of Impact: Lenovo-specific CVE Identifier: CVE-2018-9068 Summary Description: The IMM2 First Failure Data Capture function collects management module logs and diagnostic information when a hardware...
Broadcom WiFi Buffer Overflow Vulnerability - Lenovo Support US
No description provided...
Unbreakable Enterprise kernel security update
2.6.39-400.298.6 - perf/hwbp: Simplify the perf-hwbp code, fix documentation Linus Torvalds Orabug: 27947612 CVE-2018-100199 2.6.39-400.298.5 - xen-netfront: fix rx stall when reqprodpvt goes back to more than zero again Dongli Zhang Orabug: 25053376 - x86/IBRS: Remove support for IBRSENABLEDUSER...
CCN-lite buffer overflow vulnerability (CNVD-2018-03681)
CCN-lite is a lightweight and functionally interoperable implementation of the CCNx protocol for XEROX PARC. A buffer overflow vulnerability exists in ccn-lite-ccnb2xml.c in versions of CCN-lite prior to 2.0.0. An attacker can exploit this vulnerability to cause a buffer overflow via a route...
Buffer overflow
Buffer overflow in ccn-lite-ccnb2xml.c in CCN-lite before 2.00 allows context-dependent attackers to have unspecified impact via vectors involving the vallen and len variables...
CVE-2017-12468
Buffer overflow in ccn-lite-ccnb2xml.c in CCN-lite before 2.00 allows context-dependent attackers to have unspecified impact via vectors involving the vallen and len variables...
Unbreakable Enterprise kernel security update
4.1.12-103.9.2 - Revert 'drivers/char/mem.c: deny access in open operation when securelevel is set' Brian Maly Orabug: 27037811 4.1.12-103.9.1 - xfs: use dedicated log worker wq to avoid deadlock with cil wq Brian Foster Orabug: 27013241 - scsi: scsitransportiscsi: fix the issue that iscsiifrx...
CVE-2017-14054
In libavformat/rmdec.c in FFmpeg 3.3.3, a DoS in ivrreadheader due to lack of an EOF End of File check might cause huge CPU consumption. When a crafted IVR file, which claims a large "len" field in the header but does not contain sufficient backing data, is provided, the first type==4 loop would...