PHP: PHP: Denial of Service via improper handling of signed characters in ctype functions

A flaw was found in PHP. Some functions, including urldecode, incorrectly pass signed characters to character type ctype functions. On certain systems, this can lead to accessing memory with a negative offset. This vulnerability can be exploited by an attacker to trigger a denial of service DoS,...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iouring: prevents reg-wait speculation. By using ENTEREXTARGREG instead of passing a user pointer along with arguments for the waiting loop, the user can specify an offset within a pre-mapped region of memory. In this case, offse...

SUSE CVE-2020-12863

An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-083...

DEBIAN-CVE-2020-12864

An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-081...

MS16-004: Security Update for Microsoft Office to Address Remote Code Execution (3124585)

The remote Windows host has a version of Microsoft Office, Word, Word Viewer, Excel, Excel Viewer, PowerPoint, Visio, SharePoint, Visual Basic, or Microsoft Office Compatibility Pack installed that is affected by multiple vulnerabilities : - Multiple cross-site scripting vulnerabilities exist in...

Microsoft Internet Explorer ASLR Security Bypass Vulnerability (CNVD-2015-05229)

Microsoft Internet Explorer is a commonly used browser. A security bypass vulnerability exists in Microsoft Internet Explorer. An attacker can exploit the vulnerability to bypass the ASLR security feature by making it easier to predict memory offsets that specify call stack specific instructions...

Microsoft Internet Explorer/Edge ASLR Security Bypass Vulnerability

Microsoft Internet Explorer is a commonly used browser. A security bypass vulnerability exists in Microsoft Internet Explorer. An attacker can bypass the ASLR security feature by more easily predicting memory offsets that specify call stack specific instructions...

MS15-070: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3072620)

The remote Windows host has a version of Microsoft Office, Microsoft Word, Microsoft Excel, Microsoft PowerPoint, SharePoint Server, or Microsoft Office Compatibility Pack installed that is affected by multiple vulnerabilities : - An ASLR bypass vulnerability exists in Microsoft Excel due to memo...

Microsoft Office Security Feature Bypass Vulnerability (3033857)

This host is missing an important security update according to Microsoft Bulletin MS15-013. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Linux Kernel 2.4.x2.6.x - Assembler Inline Function Local Denial of Service

Linux Kernel 2.4.x2.6.x - Assembler Inline Function Local Denial of Service / ----------------------------------------------------------------------------- frstor Local Kernel exploit Crashes any kernel from 2.4.18 to 2.6.7 because frstor in assembler inline offsets in memory by 4. Original proof...