260 matches found
Denial Of Service (DoS)
tensorflow is vulnerable to denial of service DoS. The vulnerability exists as the tf.rawops.ImmutableConst operation crashes the Python interpreter when it tries to write the immutable memory area, if the type of the tensor is not an integral type...
kernel: fix race condition between mmget_not_zero()/get_task_mm() and core dumping
A flaw was found in the Linux kernel where the coredump implementation does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs. This allows local users to obtain sensitive information, cause a denial of service DoS, or possibly have unspecified other impa...
CVE-2019-10978
Red Lion Controls Crimson, version 3.0 and prior and version 3.1 prior to release 3112.00, allow multiple vulnerabilities to be exploited when a valid user opens a specially crafted, malicious input file that operates outside of the designated memory area...
CVE-2019-10978
Red Lion Controls Crimson, version 3.0 and prior and version 3.1 prior to release 3112.00, allow multiple vulnerabilities to be exploited when a valid user opens a specially crafted, malicious input file that operates outside of the designated memory area...
kernel: fix race condition between mmget_not_zero()/get_task_mm() and core dumping
A flaw was found in the Linux kernel where the coredump implementation does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs. This allows local users to obtain sensitive information, cause a denial of service DoS, or possibly have unspecified other impa...
Design/Logic Flaw
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, and SD 810, the function tzbsppilverifysig does not...
Nitro Pro 10 PDF Handling Code Execution Vulnerability(CVE-2016-8711)
Summary A potential remote code execution vulnerability exists in the PDF parsing functionality of Nitro Pro 10. A specially crafted PDF file can cause a vulnerability resulting in potential code execution. An attacker can send the victim a specific PDF file to trigger this vulnerability. Tested...
UBUNTU-CVE-2017-12163
An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of serv...
Windows Kernel stack memory disclosure in nt!NtQueryInformationWorkerFactory(CVE-2017-0300)
We have discovered that the nt!NtQueryInformationWorkerFactory system call called with the WorkerFactoryBasicInformation 7 information class discloses portions of uninitialized kernel stack memory to user-mode clients, on Windows 7 to Windows 10. The specific layout of the output structure...
Linux in the Stack Clash vulnerabilities that may be exploited by hackers to obtain local root privileges-bug warning-the black bar safety net
Last month, Qualys security researchers in a variety of Unix-based Systems found on called the“Stack Clash”the vulnerability could allow an attacker on a UNIX system to gain root privileges and take over the attack computer. Currently security researchers discovered this flaw and are working with...
Debian DSA-3705-1 : curl - security update
Several vulnerabilities were discovered in cURL, an URL transfer library : - CVE-2016-8615 It was discovered that a malicious HTTP server could inject new cookies for arbitrary domains into a cookie jar. - CVE-2016-8616 It was discovered that when re-using a connection, curl was doing case...
RHEL 6 : kernel (RHSA-2014:1365)
Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6.4 Extended Update Support. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...
Mandriva Linux Security Advisory : curl (MDVSA-2013:180)
A vulnerability has been discovered and corrected in curl : libcurl is vulnerable to a case of bad checking of the input data which may lead to heap corruption. The function curleasyunescape decodes URL encoded strings to raw binary data. URL encoded octets are represented with %HH combinations...
kernel: mm: avoid wrapping vm_pgoff in mremap() and stack expansions
Integer overflow in the vmatoresize function in mm/mremap.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service BUGON and system crash via a crafted mremap system call that expands a memory mapping...
Alwil Software Avast Antivirus device driver privilege escalation
No bounds checking on signal arguments processing in device driver allows to overwrite any kernel memory area...
CVE-2003-0985
The mremap system call domremap in Linux kernel 2.4.x before 2.4.21, and possibly other versions before 2.4.24, does not properly perform bounds checks, which allows local users to cause a denial of service and possibly gain privileges by causing a remapping of a virtual memory area VMA to create...
SuSE-SA:2004:001: Linux Kernel
The remote host is missing the patch for the advisory SuSE-SA:2004:001 Linux Kernel. The domremap function of the Linux Kernel is used to manage move, resize Virtual Memory Areas VMAs. By exploiting an incorrect bounds check in domremap during the remapping of memory it is possible to create a VM...
Linux kernel do_mremap() call creates virtual memory area of 0 bytes in length
Overview There is a vulnerability in the Linux kernel memory management routines that allows local users to gain superuser privileges. Description The Linux kernel contains a vulnerability in the domremap call that allows software to create a virtual memory area VMA with a length of 0 bytes. This...
security flaw
The domremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the domunmap function when the maximum number of VMA descriptors is exceeded, which allows local users to gain root privileges, a different...
security flaw
The mremap system call domremap in Linux kernel 2.4.x before 2.4.21, and possibly other versions before 2.4.24, does not properly perform bounds checks, which allows local users to cause a denial of service and possibly gain privileges by causing a remapping of a virtual memory area VMA to create...