349 matches found
Protect
A debug functionality in FortiGate may allow a privileged user to execute unauthorized code or commands via specific chains of print str and cmd mem cli commands to, respectively, read and write hexadecimal values to any memory address...
smallvec creates uninitialized value of any type
Affected versions of this crate called mem::uninitialized to create values of a user-supplied type T. This is unsound e.g. if T is a reference type which must be non-null and thus may not remain uninitialized. The flaw was corrected by avoiding the use of mem::uninitialized, using MaybeUninit...
CVE-2020-21688
A heap-use-after-free in the avfreep function in libavutil/mem.c of FFmpeg 4.2 allows attackers to execute arbitrary code...
UBUNTU-CVE-2020-21688
A heap-use-after-free in the avfreep function in libavutil/mem.c of FFmpeg 4.2 allows attackers to execute arbitrary code...
FFmpeg 资源管理错误漏洞
FFmpeg is a set of open source computer programs that can be used to record, convert, and stream digital audio and video under the LGPL or GPL license. avfreep function in libavutil/mem.c in FFmpeg version 4.2 is vulnerable to a heap-release post-reuse vulnerability. An attacker can exploit this...
CVE-2021-34382
Trusty TLK contains a vulnerability in the NVIDIA TLK kernel’s tzmapsharedmem function where an integer overflow on the size parameter causes the request buffer and the logging buffer to overflow, allowing writes to arbitrary addresses within the kernel...
NVIDIA TLK 输入验证错误漏洞
Nvidia NVIDIA TLK is a scheduler from Nvidia Corporation of America for use with Trusted Firmware-A TF-A. NVIDIA TLK suffers from an Input Validation Error vulnerability that stems from Trusty TLK containing a vulnerability in the NVIDIA TLK kernel function, where a missing check allows...
CVE-2021-3491
The iouring subsystem in the Linux kernel allowed the MAXRWCOUNT limit to be bypassed in the PROVIDEBUFFERS operation, which led to negative values being usedin memrw when reading /proc//mem. This could be used to create a heap overflow leading to arbitrary code execution in the kernel. It was...
UBUNTU-CVE-2021-28903
A stack overflow in libyang = v1.0.225 can cause a denial of service through function lyxmlparsemem. lyxmlparseelem function will be called recursively, which will consume stack space and lead to crash...
CVE-2021-3491
A flaw was found in the Linux kernel. The iouring PROVIDEBUFFERS operation allowed the MAXRWCOUNT limit to be bypassed, which led to negative values being used in memrw when reading /proc//mem. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...
PT-2021-8024 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to an unbalanced device enable/disable in suspend/resume, caused by the removal of pci enable device mem from ixgbe resume in commit 6f82b2558735. This removal led...
PT-2021-4098 · Libyang +2 · Libyang +2
Name of the Vulnerable Software and Affected Versions: libyang versions prior to 1.0.225 Description: The issue is related to a stack overflow in the libyang library, which can cause a denial of service. This occurs due to uncontrolled recursion of the lyxml parse elem function when lyxml parse m...
CVE-2021-26958
An issue was discovered in the xcb crate through 2021-02-04 for Rust. It has a soundness violation because transmutation to the wrong type can happen after xcb::base::castevent uses std::mem::transmute to return a reference to an arbitrary type...
PT-2021-11933 · Libmysofa +1 · Libmysofa +1
Name of the Vulnerable Software and Affected Versions: libmysofa versions 0.5 through 1.1 Description: The issue arises from incorrect handling of input data in the mysofa resampler reset mem function, leading to a heap buffer overflow and the potential overwriting of a large memory block...
Microsoft Azure Sphere Normal World application /proc/self/mem unsigned code execution vulnerability
Summary A code execution vulnerability exists in the normal world’s signed code execution functionality of Microsoft Azure Sphere 20.05. A specially crafted shellcode can cause a process’ non-writable memory to be written. An attacker can execute a shellcode that modifies the program at runtime v...
CVE-2020-15503
LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpackthumb.cpp, postprocessing/memimage.cpp, and utils/thumbutils.cpp. For example, mallocsizeoflibrawprocessedimaget+T.tlength occurs without validating T.tlength...
CVE-2020-14059
An issue was discovered in Squid 5.x before 5.0.3. Due to an Incorrect Synchronization, a Denial of Service can occur when processing objects in an SMP cache because of an Ipc::Mem::PageStack::pop ABA problem during access to the memory page/slot management list...
CVE-2020-14059
An issue was discovered in Squid 5.x before 5.0.3. Due to an Incorrect Synchronization, a Denial of Service can occur when processing objects in an SMP cache because of an Ipc::Mem::PageStack::pop ABA problem during access to the memory page/slot management list...
RUSTSEC-2020-0026 linked-hash-map creates uninitialized NonNull pointer
Affected versions of this crate called mem::uninitialized to create a NonNull, which is undefined behavior. The flaw was corrected by avoiding the use of mem::uninitialized...
zziplib security update
0.13.62-12 - Fix a directory traversal bug - unzip-mem should now strip all '../' prefixes from the archived files - Resolves: CVE-2018-17828...