430 matches found
The vulnerability of the HostScan component of the Cisco AnyConnect Secure Mobility Client software for secure mobile connectivity applications, which runs on Linux operating systems, allows a hacker to disclose protected information.
The vulnerability of the HostScan component of the Cisco AnyConnect Secure Mobility Client software for Linux operating systems relates to the reading of data beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to disclose protected information through specially...
CVE-2018-13885
Possible memory overread may be lead to access of sensitive data in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9650, MDM9655, QCS605, Qualcomm 215, SD...
CVE-2018-13885
Possible memory overread may be lead to access of sensitive data in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9650, MDM9655, QCS605, Qualcomm 215, SD...
CVE-2018-13885
CVE-2018-13885 describes a memory overread in Qualcomm Snapdragon components (e.g., Snapdragon Auto/Compute/IoT, mobile, wearables) that could allow access to sensitive data. The issue is documented across multiple sources (NVD, Red Hat, CVE list, PRION) with consistent wording: a memory overread...
(Vulnerability) The vulnerability of the binary system for storing service information via systemd-journald arises from operations that go beyond the buffer in memory. This allows an attacker to trigger a service failure or execute code with journald privileges.
The vulnerabilities of the binary system for storing service information, systemd-journald and systemd-journal-remote, are due to operations that go beyond the buffer boundaries in memory. Exploiting these vulnerabilities can allow an attacker to cause a service failure or execute code with...
The vulnerability of the multimedia library libvorbis, related to the escape from memory buffer reading, allows attackers to cause service failures or compromise data confidentiality and integrity.
The vulnerability of the multimedia library libvorbis is related to an error that causes reading beyond the allocated buffer memory space. Exploiting this vulnerability can allow a malicious actor to cause service failures or compromise data confidentiality and integrity through the use of...
The vulnerability of the do_core_note function in the console command “file” allows a perpetrator to trigger a service failure.
The vulnerability of the docorenote function in the console command file is related to an error that causes reading beyond the allocated memory buffer. Exploiting this vulnerability could allow a malicious actor to cause service failure by using a specially crafted ELF format file...
UBUNTU-CVE-2018-18765
An exploitable arbitrary memory read vulnerability exists in the MQTT packet-parsing functionality of Cesanta Mongoose 6.13. It is a heap-based buffer over-read in mgmqttnextsubscribetopic. A specially crafted MQTT SUBSCRIBE packet can cause an arbitrary out-of-bounds memory read potentially...
Vulnerability of the `rfc_process_mx_message` function in the Android operating system, allowing a hacker to disclose protected information
The vulnerability of the rfcprocessmxmessage function in the rfctsframes.cc library of the Android operating system arises from reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to disclose sensitive information that is protected by thi...
UBUNTU-CVE-2018-17360
An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.31. a heap-based buffer over-read in bfdgetl32 in libbfd.c allows an attacker to cause a denial of service through a crafted PE file. This vulnerability can be triggered by the executabl...
UBUNTU-CVE-2018-14587
An issue has been discovered in Bento4 1.5.1-624. AP4MemoryByteStream::WritePartial in Core/Ap4ByteStream.cpp has a buffer over-read...
CVE-2015-9193
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, ...
Input validation
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, ...
Buffer overflow
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, and SD 820...
CVE-2015-9210
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, ...
CVE-2015-9193
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, ...
CVE-2014-9986
CVE-2014-9986 concerns Android devices with Qualcomm components (e.g., Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear MSM8909W, SD系列) where in playready_licacq_process_response(), the length of the cbResponse is not validated and is controlled by the HLOS. If cbResponse is too large, a...
CVE-2018-8960
The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-26 Q16 does not properly restrict memory allocation, leading to a heap-based buffer over-read...
The vulnerability of the Flash Player software, which allows a violator to execute arbitrary code
The vulnerability of the ActionScript2 parser in the Flash Player software arises from reading data beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code memory corruption remotely...
ALPINE-CVE-2017-7407
The ourWriteOut function in toolwriteout.c in curl 7.53.1 might allow physically proximate attackers to obtain sensitive information from process memory in opportunistic circumstances by reading a workstation screen during use of a --write-out argument ending in a '%' character, which leads to a...