CVE-2019-2316

CVE-2019-2316 concerns Qualcomm Snapdragon components where a local variable is used after it goes out of scope during digest computation in multiple Snapdragon platforms (MDM9640, QCS405, QCS605, SD 4xx/6xx/7xx series, 710/712/730/845/850/855, SDM660/SDX24, etc.). The root cause is a use-after-s...

CVE-2019-2316

When computing the digest a local variable is used after going out of scope in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9640, QCS405, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730...

CVE-2018-11889

In all android releases Android for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, when requesting rssi timeout, access invalid memory may occur since local variable 'context' stack data of wlan function is free...

CVE-2018-11232

The etmsetupaux function in drivers/hwtracing/coresight/coresight-etm-perf.c in the Linux kernel before 4.10.2 allows attackers to cause a denial of service panic because a parameter is incorrectly used as a local variable...

CVE-2018-11232

The etmsetupaux function in drivers/hwtracing/coresight/coresight-etm-perf.c in the Linux kernel before 4.10.2 allows attackers to cause a denial of service panic because a parameter is incorrectly used as a local variable...

CVE-2018-11232

The vulnerability CVE-2018-11232 affects the Linux kernel, specifically the etm_setup_aux function in drivers/hwtracing/coresight/coresight-etm-perf.c, and exists in versions prior to 4.10.2. The root cause is that a parameter is incorrectly used as a local variable, which can lead to a denial of...

Weld: Limited information disclosure via stale thread state

It was discovered that under specific conditions the conversation state information stored in a thread-local variable in JBoss Weld was not sanitized correctly when the conversation ended. This could lead to a race condition that could potentially expose sensitive information from a previous...

Mandriva Linux Security Advisory : emacs (MDVSA-2013:076)

Updated emacs packages fix security vulnerabilities : Untrusted search path vulnerability in EDE in CEDET before 1.0.1, as used in GNU Emacs before 23.4 and other products, allows local users to gain privileges via a crafted Lisp expression in a Project.ede file in the directory, or a parent...

CVE-2012-3479

Removed by vendor...

CVE-2012-3479

lisp/files.el in Emacs 23.2, 23.3, 23.4, and 24.1 automatically executes eval forms in local-variable sections when the enable-local-variables option is set to :safe, which allows user-assisted remote attackers to execute arbitrary Emacs Lisp code via a crafted file...

Fedora 16 : emacs-23.3-10.fc16 (2012-11872)

CVE-2012-3479 emacs: Evaluation of 'eval' forms in file-local variable sections, when 'enable-local-variables' set to ':safe' Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean a...

Stack overflow

Stack-based buffer overflow in ndiiop.exe in the DIIOP implementation in the server in IBM Lotus Domino before 8.5.3 allows remote attackers to execute arbitrary code via a GIOP getEnvironmentString request, related to the local variable cache...

CVE-2011-0913

Stack-based buffer overflow in ndiiop.exe in the DIIOP implementation in the server in IBM Lotus Domino before 8.5.3 allows remote attackers to execute arbitrary code via a GIOP getEnvironmentString request, related to the local variable cache...

RarCrack 0.2 - 'Filename init() .bss' (PoC)

The software can be downloaded here: http://rarcrack.sourceforge.net/ Author: stoke Date: 2010-09-20 Download: http://rarcrack.sourceforge.net/ Tested on: Backtrack 4 Site: http://devilcode.it | http://hack2web.altervista.org Special greetz to: nex, for reassure me when i sayed "WHY EIP IT'S NOT...

RarCrack 0.2 - Filename init() .bss (PoC)

RarCrack 0.2 - Filename init .bss PoC The software can be downloaded here: http://rarcrack.sourceforge.net/ Author: stoke Date: 2010-09-20 Download: http://rarcrack.sourceforge.net/ Tested on: Backtrack 4 Site: http://devilcode.it | http://hack2web.altervista.org Special greetz to: nex, for...

cman security, bug fix, and enhancement update

2.0.115-1 - RSA II fencing agent has been fixed. - Resolves: rhbz493802 2.0.114-1 - local variable 'verbosefilename' referenced before assignment has been fixed - RSA II fencing agent has been fixed. - Resolves: rhbz493802 rhbz514758 2.0.113-1 - Limitations with 2-node fencescsi are now properly...

Mandriva Linux Security Advisory : emacs (MDVSA-2008:034)

The hack-local-variable function in Emacs 22 prior to version 22.2, when enable-local-variables is set to ':safe', did not properly search lists of unsafe or risky variables, which could allow user-assisted attackers to bypass intended restrictions and modify critical program variables via a file...

Mandriva Update for emacs MDVSA-2008:034 (emacs)

Check for the Version of emacs OpenVAS Vulnerability Test Mandriva Update for emacs MDVSA-2008:034 emacs Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Emacs 2.1 - Local Variable Arbitrary Command Execution

Emacs 2.1 - Local Variable Arbitrary Command Execution source: https://www.securityfocus.com/bid/15375/info Emacs is susceptible to an arbitrary command execution vulnerability with local variables. This issue is due to insufficient sanitization of user-supplied input. By modifying a text file to...

Дырка в Internet Explorer (local variable exposure)

При использовании URL типа http://www.evil.org/VAR можно получить значение переменной VAR...