1716 matches found
CVE-2018-19320
The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 exposes ring0 memcpy-like functionality that could allow a local attacker to take complete control of the affected system...
Information disclosure
The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 exposes ring0 memcpy-like functionality that could allow a local attacker to take complete control of the affected system...
WhatsApp - RTP Processing Heap Corruption
WhatsApp - RTP Processing Heap Corruption Heap corruption can occur when the WhatsApp mobile application receives a malformed RTP packet. 08-31 15:43:50.721 9428 9713 F libc : Fatal signal 11 SIGSEGV, code 1, fault addr 0x7104200000 in tid 9713 Thread-11 08-31 15:43:50.722 382 382 W : debuggerd:...
WhatsApp - RTP Processing Heap Corruption Exploit
Exploit for Android platform in category dos / poc Heap corruption can occur when the WhatsApp mobile application receives a malformed RTP packet. 08-31 15:43:50.721 9428 9713 F libc : Fatal signal 11 SIGSEGV, code 1, fault addr 0x7104200000 in tid 9713 Thread-11 08-31 15:43:50.722 382 382 W :...
tcpreplay heap buffer overflow vulnerability (CNVD-2018-20537)
Tcpreplay is a set of open source utilities for editing and replaying network traffic for UNIX based operating systems. A heap buffer overflow vulnerability exists in the sendpackets.c file in Tcpreplay version 4.3.0, which stems from the 'getnextpacket' function using the 'memcpy' function in an...
CVE-2018-17582
Tcpreplay v4.3.0 beta1 contains a heap-based buffer over-read. The getnextpacket function in the sendpackets.c file uses the memcpy function unsafely to copy sequences from the source buffer pktdata to the destination prevpacket-pktdata. This will result in a Denial of Service DoS and potentially...
DEBIAN-CVE-2018-17582
Tcpreplay v4.3.0 beta1 contains a heap-based buffer over-read. The getnextpacket function in the sendpackets.c file uses the memcpy function unsafely to copy sequences from the source buffer pktdata to the destination prevpacket-pktdata. This will result in a Denial of Service DoS and potentially...
CVE-2018-17582
Tcpreplay v4.3.0 beta1 contains a heap-based buffer over-read. The getnextpacket function in the sendpackets.c file uses the memcpy function unsafely to copy sequences from the source buffer pktdata to the destination prevpacket-pktdata. This will result in a Denial of Service DoS and potentially...
Heap overflow
Tcpreplay v4.3.0 beta1 contains a heap-based buffer over-read. The getnextpacket function in the sendpackets.c file uses the memcpy function unsafely to copy sequences from the source buffer pktdata to the destination prevpacket-pktdata. This will result in a Denial of Service DoS and potentially...
CVE-2018-17582
Tcpreplay v4.3.0 beta1 contains a heap-based buffer over-read. The getnextpacket function in the sendpackets.c file uses the memcpy function unsafely to copy sequences from the source buffer pktdata to the destination prevpacket-pktdata. This will result in a Denial of Service DoS and potentially...
CVE-2018-17582
Tcpreplay v4.3.0 beta1 contains a heap-based buffer over-read. The getnextpacket function in the sendpackets.c file uses the memcpy function unsafely to copy sequences from the source buffer pktdata to the destination prevpacket-pktdata. This will result in a Denial of Service DoS and potentially...
CVE-2018-11863
In all android releases Android for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, lack of check of input received from firmware to calculate the length of WMA roam synch buffer can lead to buffer overwrite during memcpy...
Buffer overflow
In all android releases Android for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, possible buffer overflow while incrementing the logbuf of type uint64t in memcpy function, since the logbuf pointer can access the memory beyond the size to store the data after pointer...
Buffer overflow
In all android releases Android for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, lack of check of input received from firmware to calculate the length of WMA roam synch buffer can lead to buffer overwrite during memcpy...
CVE-2018-11863
The CVE-2018-11863 issue affects Android variants built on CAF Linux kernel. The root cause is a missing input length check when processing firmware data to determine the length of the WMA roam synch buffer, which can lead to a buffer overwrite during memcpy. The vulnerability is categorized unde...
CVE-2018-11265
In all android releases Android for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, possible buffer overflow while incrementing the logbuf of type uint64t in memcpy function, since the logbuf pointer can access the memory beyond the size to store the data after pointer...
CVE-2018-3903
On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17, the video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability. The memcpy call...
Buffer overflow
On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17, the video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability. The memcpy call...
CVE-2018-3903
On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17, the video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability. The memcpy call...
Buffer overflow
A buffer overflow issue was discovered in the Yubico-Piv 1.5.0 smartcard driver. The file lib/ykpiv.c contains the following code in the function ykpivtransferdata: % highlight c % ifoutlen + recvlen - 2 maxout fprintfstderr, "Output buffer to small, wanted to write %lu, max was %lu.", outlen +...