UBUNTU-CVE-2020-6472

Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory or disk via a crafted Chrome Extension...

Huawei Data Communication: Input Validation Vulnerability in Huawei VRP Platform (huawei-sa-20161228-04-vrp)

There is an input validation vulnerability in some Huawei devices using VRP. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is...

The vulnerability of the logback-core class in the QOS.ch file of the Jackson-databind library allows a hacker to execute arbitrary code.

The vulnerability of the logback-core class in the QOS.ch file of the Jackson-databind library is related to the recovery of unreliable data in memory. Exploiting this vulnerability may allow a remote attacker to execute arbitrary code...

Microsoft Windows Media Foundation Information Disclosure Vulnerability (CNVD-2020-26239)

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. Media Foundation is one of the multimedia application libraries. An information disclosure...

UBUNTU-CVE-2020-6438

Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension...

CVE-2018-16866

An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local attacker can use this flaw to disclose process memory data...

PT-2020-20310 · Intuit · Argo Api

Name of the Vulnerable Software and Affected Versions: Argo API version 1.5.0 Description: The Argo API does not implement anti-automation measures such as rate limiting, account lockouts, or other anti-bruteforce measures, allowing attackers to submit an unlimited number of authentication attemp...

Buffer Overflow Vulnerability in Multiple Qualcomm Products (CNVD-2020-20202)

Qualcomm MDM9607 and others are products of Qualcomm Incorporated.The MDM9607 is a central processing unit CPU product.The SDX24 is a modem.The SDM630 is a central processing unit CPU product. A buffer overflow vulnerability exists in Audio in multiple Qualcomm products. The vulnerability...

UBUNTU-CVE-2020-6793

When processing an email message with an ill-formed envelope, Thunderbird could read data from a random memory location. This vulnerability affects Thunderbird 68.5...

The vulnerability of the MyJob.perform_later function in the Ruby on Rails software platform allows a perpetrator to gain unauthorized access to confidential data.

The vulnerability of the MyJob.performlater function in the Ruby on Rails software platform relates to the restoration of unreliable data structures in memory. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to confidential data...

CVE-2020-6793

When processing an email message with an ill-formed envelope, Thunderbird could read data from a random memory location. This vulnerability affects Thunderbird 68.5...

Microsoft Windows Common Log File System Driver Information Disclosure Vulnerability (CNVD-2020-22674)

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system.The Windows Common Log File System Driver is one of the common log file system drivers...

Unspecified Vulnerability in Oracle Coherence

Oracle Fusion Middleware, the digital business platform for enterprise and cloud computing, is a comprehensive family of middleware products that enable organizations to create and run agile, intelligent business applications and maximize IT efficiency by leveraging modern hardware and software...

The vulnerability of the REVIEWS_CACHE component of the mintinstall program manager allows a hacker to execute arbitrary code.

The vulnerability of the REVIEWSCACHE component in the mintinstall manager is related to the restoration of unreliable data in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Buffer Overflow Vulnerability in Multiple Qualcomm Products (CNVD-2020-03580)

Qualcomm MDM9206 and others are products of Qualcomm Incorporated.MDM9206 is a central processing unit CPU product.MDM9607 is a central processing unit CPU product.MDM9640 is a central processing unit CPU product. A buffer overflow vulnerability exists in the Multi-mode Call processor in multiple...

The vulnerability of the PEAR Archive_Tar library in the Drupal CMS system allows a hacker to execute arbitrary code.

The vulnerability of the PEAR ArchiveTar library in the Drupal CMS system is related to the restoration of a dubious data structure in memory. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...

Microsoft Windows Media Player Information Disclosure Vulnerability (CNVD-2019-45918)

Microsoft Windows 7 SP1 and others are a series of operating systems released by Microsoft.Windows Media Player is one of these media players. An information disclosure vulnerability exists in Windows Media Player in Microsoft Windows 7 SP1, which arises from the program's failure to properly...

The vulnerability of the microprogramming software of Cisco Small Business RV016, Cisco Small Business RV042, Cisco Small Business RV042G, and Cisco Small Business RV082 allows a hacker to execute arbitrary code.

The vulnerability of the microprogrammed software of Cisco Small Business RV016, Cisco Small Business RV042, Cisco Small Business RV042G, and Cisco Small Business RV082 lies in the recovery of unreliable data structures in memory. Exploiting this vulnerability can allow an attacker operating...

plow buffer overflow vulnerability

plow is a command line playlist generator. A buffer overflow vulnerability exists in plow. The vulnerability stems from a networked system or product performing operations in memory without properly validating data boundaries, resulting in incorrect read and write operations being performed to...

The vulnerability of the Windows operating system’s kernel allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of Windows operating system kernels relates to errors in data processing in the device’s memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...