A vulnerability in the binary storage of systemd-journald in the Debian operating system, which allows an attacker to gain access to confidential data

The vulnerability in the binary storage of systemd-journald in the Debian operating system is related to an error in message processing that ends with a semicolon. This can lead to the exposure of memory data. Exploiting this vulnerability allows an attacker to gain access to confidential data...

Moderate: Red Hat Security Advisory: redis security update

An update for redis is now available for Red Hat OpenStack Platform 10.0 Newton. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...

CVE-2018-16866

An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local attacker can use this flaw to disclose process memory data. Versions from v221 to v239 are vulnerable...

CVE-2018-16866

An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local attacker can use this flaw to disclose process memory data. Versions from v221 to v239 are vulnerable...

The vulnerability of the IBM WebSphere Application Server application server lies in its ability to restore unreliable data structures in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the IBM WebSphere Application Server application server lies in the recovery of unreliable data structures in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary Java code using a SOAP connection, from a remote location...

The vulnerability of the WLS Core Components of the WebLogic Server application server allows a hacker to gain full control over the application.

The vulnerability of the WLS Core Components of the WebLogic Server application server is related to the restoration of unreliable data structures in memory. Exploiting this vulnerability allows an attacker operating remotely to gain full control over the application using the T3 protocol...

Vulnerability of Microsoft COM components in Windows operating systems, allowing attackers to execute arbitrary code

The vulnerability of the Microsoft Component Object Model COM in Windows operating systems is related to the restoration of a dubious data structure in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file or script...

Foreshadow Attacks — 3 New Intel CPU Side-Channel Flaws Discovered

2018 has been quite a tough year for Intel. While the chip-maker giant is still dealing with Meltdown and Spectre processor vulnerabilities, yet another major speculative execution flaw has been revealed in Intel's Core and Xeon lines of processors that may leave users vulnerable to cyber-attacks...

The vulnerability of the library for working with SVG images in Apache Batik, related to the restoration of unreliable data structures in memory, allows attackers to gain access to protected data or cause service failures.

The vulnerability of the Apache Batik library for working with SVG images is related to the restoration of a dubious data structure in memory the “AbstractDocument” class. Exploiting this vulnerability could allow an attacker to gain access to protected data or cause service failures using the HT...

chromium-browser: Same origin policy bypass in ServiceWorker

Insufficient policy enforcement in ServiceWorker in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

chromium-browser: Confusing autofill settings

Confusing settings in Autofill in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

The vulnerability of the Cisco Secure Access Control System’s access control software lies in the ability to restore a questionable data structure in memory, allowing an intruder to execute arbitrary commands with root privileges.

The vulnerability of the Cisco Secure Access Control System ACS management software exists due to insufficient validation of input data and the inability to restore a reliable data structure in memory. Exploiting this vulnerability allows an attacker, operating remotely, to execute arbitrary...

The vulnerability of the accessMgrServlet component of the HP Intelligent Management Center software allows a perpetrator to execute arbitrary code.

The vulnerability of the accessMgrServlet component of the HPE Intelligent Management Center PLAT software lies in the recovery of unreliable data structures in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the WebDMDebugServlet component of the HPE Intelligent Management Center PLAT software platform allows a perpetrator to execute arbitrary code.

The vulnerability of the WebDMDebugServlet component of the HPE Intelligent Management Center PLAT software lies in the ability to restore an unreliable data structure in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the SYSTEM context remotely...

The vulnerability of the WebDMServlet component in the HPE Intelligent Management Center PLAT software platform allows a perpetrator to execute arbitrary code.

The vulnerability of the WebDMServlet component in the HPE Intelligent Management Center PLAT software platform is related to the restoration of unreliable data structures in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the SYSTEM context remotely...

Microsoft Windows Kernel Information Disclosure Vulnerability (CNVD-2018-06767)

Microsoft Windows Server 2008 SP2 and others are a series of operating systems from Microsoft Corporation.Windows kernel is one of the operating system kernels. An information disclosure vulnerability exists in Microsoft Windows kernel, which arises from a program's failure to properly filter...

Microsoft Windows Kernel Information Disclosure Vulnerability (CNVD-2018-06771)

Microsoft Windows Server 2008 SP2 and others are a series of operating systems from Microsoft Corporation.Windows kernel is one of the operating system kernels. An information disclosure vulnerability exists in Microsoft Windows kernel, which arises from a program's failure to properly filter...

Microsoft Windows Kernel Information Disclosure Vulnerability (CNVD-2018-06769)

Microsoft Windows Server 2008 SP2 and others are a series of operating systems from Microsoft Corporation.Windows kernel is one of the operating system kernels. An information disclosure vulnerability exists in Microsoft Windows kernel, which arises from a program's failure to properly filter...

Microsoft Windows Kernel Information Disclosure Vulnerability (CNVD-2018-06766)

Microsoft Windows Server 2008 SP2 and others are a series of operating systems from Microsoft Corporation.Windows kernel is one of the operating system kernels. An information disclosure vulnerability exists in Microsoft Windows kernel, which arises from a program's failure to properly filter...

CVE-2016-8785

Huawei S12700 V200R007C00, V200R008C00, S5700 V200R007C00, S7700 V200R002C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, S9700 V200R007C00 have an input validation vulnerability. Due to the lack of input validation, an attacker may craft a malformed packet and send it to the device using...