CVE-2019-10597

kernel writes to user passed address without any checks can lead to arbitrary memory write in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ6018, IPQ8074, MSM8996, MSM8996AU, Nicobar,...

Important: kernel-livepatch-4.14.177-139.253

Issue Overview: In the Linux kernel 5.0.21, a setxattr operation, after a mount of a crafted ext4 image, can cause a slab-out-of-bounds write access because of an ext4xattrsetentry use-after-free in fs/ext4/xattr.c when a large oldsize value is used in a memset call. CVE-2019-19319 Affected...

QEMU Buffer Overflow Vulnerability (CNVD-2020-36745)

QEMU Quick Emulator is a set of simulation processor software by French software developer Fabrice Bellard. The software is fast, cross-platform and other characteristics. A security vulnerability exists in the 'romcopy' function of the hw/core/loader.c file in QEMU version 4.1.0, which stems fro...

freerdp: Out-of-bounds write in planar.c

A flaw was found in freerdp in versions between 1.0 and 2.0.0. An out-of-bounds memory write was found in the planar.c function which could allow an attacker to control data sent from the RDP server to the client. The highest threat from this vulnerability is to data confidentiality and integrity...

CVE-2020-11524

A flaw was found in FreeRDP between versions 1.0 and 2.0.0. An out-of-bounds memory write was found in the interleaved.c function which could allow an attacker to take over and control the RDP server, including data sent to the client. The highest threat from this vulnerability is to data...

CVE-2020-10021

Out-of-bounds Write in the USB Mass Storage memoryWrite handler with unaligned Sizes See NCC-ZEP-024, NCC-ZEP-025, NCC-ZEP-026 This issue affects: zephyrproject-rtos zephyr version 1.14.1 and later versions. version 2.1.0 and later versions...

EulerOS Virtualization for ARM 64 3.0.2.0 : ruby (EulerOS-SA-2020-1529)

According to the versions of the ruby packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel...

NETGEAR R8500 and R8300 Buffer Overflow Vulnerability (CNVD-2020-31334)

The NETGEAR R8500 and NETGEAR R8300 are both wireless routers from NETGEAR. A buffer overflow vulnerability exists in the NETGEAR R8300 prior to version 1.0.2.104 and the R8500 prior to version 1.0.2.104. The vulnerability arises when a network system or product performs an operation in memory...

Denial Of Service (DoS)

Mozilla Thunderbird is vulnerable to denial of service DoS. An arbitrary memory write flaw was found in the way Thunderbird handled out-of-memory conditions. If all memory was consumed when a user viewed a malicious HTML mail message, it could possibly lead to arbitrary code execution with the...

CVE-2018-21049

An issue was discovered on Samsung mobile devices with N7.x and O8.X Exynos chipsets software. There is an arbitrary memory write in a Trustlet because a secure driver allows access to sensitive APIs. The Samsung ID is SVE-2018-12881 November 2018...

CVE-2018-21049

An issue was discovered on Samsung mobile devices with N7.x and O8.X Exynos chipsets software. There is an arbitrary memory write in a Trustlet because a secure driver allows access to sensitive APIs. The Samsung ID is SVE-2018-12881 November 2018...

CVE-2020-6096

A signed comparison vulnerability was found in GNU libc in the ARMv7 implementation of memcpy. The flaw affects the third argument to memcpy that specifies the number of bytes to copy. An underflow on the third argument could lead to undefined behavior such as out-of-bounds memory write and...

EulerOS Virtualization for ARM 64 3.0.6.0 : kernel (EulerOS-SA-2020-1342)

According to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A heap-based buffer overflow was discovered in the Linux kernel's Marvell WiFi chip driver. The flaw could occur when...

CVE-2019-19605

X-Plane before 11.41 allows Arbitrary Memory Write via crafted network packets, which could cause a denial of service or arbitrary code execution...

CVE-2019-19605

X-Plane before 11.41 allows Arbitrary Memory Write via crafted network packets, which could cause a denial of service or arbitrary code execution...

Code injection

X-Plane before 11.41 allows Arbitrary Memory Write via crafted network packets, which could cause a denial of service or arbitrary code execution...

CVE-2019-19605

The CVE-2019-19605 issue affects Laminar Research X-Plane up to version 11.41, where a buffer overflow can be triggered by specially crafted network packets. The underlying condition allows an Arbitrary Memory Write, with the documented impacts being denial of service or potential arbitrary code ...

CVE-2019-19605

X-Plane before 11.41 allows Arbitrary Memory Write via crafted network packets, which could cause a denial of service or arbitrary code execution...

CVE-2019-20607

An issue was discovered on Samsung mobile devices with N7.x, O8.x, and P9.0 MSM8996, MSM8998, Exynos7420, Exynos7870, Exynos8890, and Exynos8895 chipsets software. A heap overflow in the keymaster Trustlet allows attackers to write to TEE memory, and achieve arbitrary code execution. The Samsung ...

CVE-2019-20553

An issue was discovered on Samsung mobile devices with P9.0 SM6150, SM8150, SM8150FUSION, exynos7885, exynos9610, and exynos9820 chipsets software. Arbitrary memory read and write operations can occur in RKP. The Samsung ID is SVE-2019-15143 October 2019...