90 matches found
Design/Logic Flaw
A vulnerability in the embedded test subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers could allow an authenticated, local attacker to write arbitrary values to arbitrary locations in the memory space of an affected device. The vulnerability is due to the...
CVE-2018-15376 Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers Arbitrary Memory Write Vulnerabilities
A vulnerability in the embedded test subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers could allow an authenticated, local attacker to write arbitrary values to arbitrary locations in the memory space of an affected device. The vulnerability is due to the...
CVE-2018-15375 Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers Arbitrary Memory Write Vulnerabilities
A vulnerability in the embedded test subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers could allow an authenticated, local attacker to write arbitrary values to arbitrary locations in the memory space of an affected device. The vulnerability is due to the...
Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers Arbitrary Memory Write Vulnerabilities
Multiple vulnerabilities in the embedded test subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers could allow an authenticated, local attacker to write arbitrary values to arbitrary locations in the memory space of an affected device. The vulnerabilities ar...
CVE-2018-17076
GPP through 2.25 will try to use more memory space than is available on the stack, leading to a segmentation fault or possibly unspecified other impact via a crafted file...
CVE-2018-17076
GPP through 2.25 will try to use more memory space than is available on the stack, leading to a segmentation fault or possibly unspecified other impact via a crafted file...
Design/Logic Flaw
GPP through 2.25 will try to use more memory space than is available on the stack, leading to a segmentation fault or possibly unspecified other impact via a crafted file...
CVE-2018-17076
GPP through 2.25 will try to use more memory space than is available on the stack, leading to a segmentation fault or possibly unspecified other impact via a crafted file...
CVE-2018-17076
GPP through 2.25 will try to use more memory space than is available on the stack, leading to a segmentation fault or possibly unspecified other impact via a crafted file...
GNU Barcode Buffer Overflow Vulnerability
GNU Barcode is a tool for converting text strings into print bars. It supports a variety of standard codes to represent text strings and create PostScript output. GNU Barcode suffers from a buffer overflow vulnerability that can be exploited to enable remote code execution by an attacker who can...
CVE-2017-9098
ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE decoder, allowing an attacker to leak sensitive information from process memory space, as demonstrated by remote attacks against ImageMagick code in a long-running server process that converts image da...
Memory Error Via Double Free
ImageMagick is vulnerable to a double-free vulnerability. A double-free vulnerability can lead to a memory leak, overwriting arbitrary memory space or code execution...
Overflow using FILE structure-vulnerability warning-the black bar safety net
Recently, the Shanghai University student network security game it only shows a title pwn450, for not a lot of me, and instantly rip off forced, but the gangster or gangster, and finally was quite what the Yankees do come up, but anyway I didn't make out, and finally see explanations, with two...
Apple QuickTime 7.7.79.80.95 - .PSD Parsing Memory Corruption
Apple QuickTime 7.7.79.80.95 - .PSD Parsing Memory Corruption Application: Apple Quicktime Platforms: Windows, OSX Versions: before version 7.7.79.80.95 Author: Francis Provencher of COSIG Website: http://www.protekresearchlab.com/ Twitter: @COSIG @protekresearch CVE-2016-1769 1 Introduction 2...
FreeBSD : xen-kernel -- VMX: guest user mode may crash guest with non-canonical RIP (81f9d6a4-ddaf-11e5-b2bd-002590263bf5)
The Xen Project reports : VMX refuses attempts to enter a guest with an instruction pointer which doesn't satisfy certain requirements. In particular, the instruction pointer needs to be canonical when entering a guest currently in 64-bit mode. This is the case even if the VM entry information...
Hacking Team Android browser attacks during the vulnerability analysis Stage 2-vulnerability warning-the black bar safety net
A, vulnerability introduction: Hacking team of the year broke out for android4. 0. x-4.3. x android browser vulnerabilities to attack the use of the code. The exploit code, by successive use of a plurality of browser and kernel vulnerabilities, is done through Javascript to the virtual memory wri...
Scientific Linux Security Update : kexec-tools on SL7.x x86_64 (20150512)
It was found that the module-setup.sh script provided by kexec-tools created temporary files in an insecure way. A malicious, local user could use this flaw to conduct a symbolic link attack, allowing them to overwrite the contents of arbitrary files. CVE-2015-0267 This update also fixes the...
Oracle Linux 7 : kexec-tools (ELSA-2015-0986)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2015-0986 advisory. 2.0.7-19.0.1.el71.2 - kdumpctl: exclude defaulthugepagesz setting from kdump kernel cmdline Sriharsha Yadagudde Orabug: 19134999 - kdumpctl: verify if kernel...
kexec-tools security, bug fix, and enhancement update
2.0.7-19.0.1.el71.2 - kdumpctl: exclude defaulthugepagesz setting from kdump kernel cmdline Sriharsha Yadagudde Orabug: 19134999 - kdumpctl: verify if kernel support securelevel interface Sriharsha Yadagudde Orabug: 18905671 2.0.7-19.2 - dracut-module-setup: Enhance kdump to support the bind...
Ifenslave 0.0.7 Argument Local Buffer Overflow Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/7682/info ifenslave for Linux has been reported prone to a buffer overflow vulnerability. The issue is reportedly due to a lack of sufficient bounds checking performed on user-supplied data before it is copied into an...