CVE-2018-5718

The CVE affects SafeN’Sec SoftControl/SafenSoft products: SysWatch, TPSecure, and Enterprise Suite, where snscore.sys allows improper restriction of write operations within memory buffer bounds. The root cause is buffer-boundary checks in snscore.sys, enabling a local attacker to cause a denial o...

CVE-2018-5718

Improper restriction of write operations within the bounds of a memory buffer in snscore.sys in SoftControl/SafenSoft SysWatch, SoftControl/SafenSoft TPSecure, SoftControl/SafenSoft Enterprise Suite before version 4.4.1 allows local users to cause a denial of service BSOD or modify kernel-mode...

The vulnerability of Microsoft Edge browser and the ChakraCore JavaScript engine handler, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.

The vulnerability of Microsoft Edge browser and the JavaScript scenario handler ChakraCore arises due to an operation going beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially crafted web page...

The vulnerability of the Internet Explorer browser, related to the execution of operations beyond the buffer in memory, allows an attacker to execute arbitrary code.

The vulnerability of the Internet Explorer browser arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially crafted web page...

The vulnerability of VBScript script handlers in Windows operating systems allows attackers to execute arbitrary code.

The vulnerability of VBScript script handlers in Windows operating systems arises from the execution of an operation beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted web page or document...

The vulnerability of the Qualcomm operating system Android allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Android operating system arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

CVE-2018-1000300

curl version curl 7.54.1 to and including curl 7.59.0 contains a CWE-122: Heap-based Buffer Overflow vulnerability in denial of service and more that can result in curl might overflow a heap based memory buffer when closing down an FTP connection with very long server command replies.. This...

CVE-2018-1000300

curl version curl 7.54.1 to and including curl 7.59.0 contains a CWE-122: Heap-based Buffer Overflow vulnerability in denial of service and more that can result in curl might overflow a heap based memory buffer when closing down an FTP connection with very long server command replies.. This...

Heap overflow

curl version curl 7.54.1 to and including curl 7.59.0 contains a CWE-122: Heap-based Buffer Overflow vulnerability in denial of service and more that can result in curl might overflow a heap based memory buffer when closing down an FTP connection with very long server command replies.. This...

CVE-2018-1000300

curl version curl 7.54.1 to and including curl 7.59.0 contains a CWE-122: Heap-based Buffer Overflow vulnerability in denial of service and more that can result in curl might overflow a heap based memory buffer when closing down an FTP connection with very long server command replies.. This...

The vulnerability of the RPMB (Replay Protected Memory Block) processor in Android operating systems allows a hacker to trigger buffer overflows.

The vulnerability of the RPMB Replay Protected Memory Block processor in Android operating systems arises from an error in calculating the size of memory buffers. Exploiting this vulnerability can allow a remote attacker to trigger buffer overflows...

FreeBSD : cURL -- multiple vulnerabilities (04fe6c8d-2a34-4009-a81e-e7a7e759b5d2)

cURL security problems : CVE-2018-1000300: FTP shutdown response buffer overflow curl might overflow a heap based memory buffer when closing down an FTP connection with very long server command replies. When doing FTP transfers, curl keeps a spare 'closure handle' around internally that will be...

CVE-2018-1000300

curl version curl 7.54.1 to and including curl 7.59.0 contains a CWE-122: Heap-based Buffer Overflow vulnerability in denial of service and more that can result in curl might overflow a heap based memory buffer when closing down an FTP connection with very long server command replies.. This...

CVE-2018-1000300

curl version curl 7.54.1 to and including curl 7.59.0 contains a CWE-122: Heap-based Buffer Overflow vulnerability in denial of service and more that can result in curl might overflow a heap based memory buffer when closing down an FTP connection with very long server command replies.. This...

The vulnerability of the Sensorhub service on the Samsung Mobile operating system allows a hacker to execute arbitrary code.

The vulnerability of the Sensorhub service on the Samsung Mobile operating system arises from an operation that goes beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Android operating system from the CAF repository, related to integer overflow, allows an attacker to trigger a memory buffer overflow.

The vulnerability of the Android operating system from the CAF repository is related to a numerical overflow issue. Exploiting this vulnerability allows an attacker to trigger a memory buffer overflow...

The vulnerability of the WLAN operating system component in the Android repository CAF, which allows a hacker to execute arbitrary code.

The vulnerability of the WLAN subsystem of the Android operating system from the CAF repository involves an operation that goes beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Schneider Electric Triconex Tricon

1. EXECUTIVE SUMMARY CVSS v3 9.0 ATTENTION : Exploitable remotely/HatMan malware specifically targets these vulnerabilities. Vendor : Schneider Electric Equipment : Triconex Tricon, Model 3008 Vulnerabilities : Improper Restriction of Operations within the Bounds of a Memory Buffer 2. UPDATE...

ICSA-18-107-03_Rockwell Automation Stratix Services Router

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low skill level to exploit. Vendor : Rockwell Automation Equipment : Allen-Bradley Stratix 5900 Services Router Vulnerabilities : Improper Input Validation, Improper Restriction of Operations within the Bounds of a Memory Buffer,...

Rockwell Automation FactoryTalk Activation Manager (Update B)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low skill level to exploit Vendor : Rockwell Automation Equipment : Factory Talk Activation Manager Vulnerabilities : Cross-site Scripting, Improper Restriction of Operations within the Bounds of a Memory Buffer 2. UPDATE...