CVE-2019-20553

An issue was discovered on Samsung mobile devices with P9.0 SM6150, SM8150, SM8150FUSION, exynos7885, exynos9610, and exynos9820 chipsets software. Arbitrary memory read and write operations can occur in RKP. The Samsung ID is SVE-2019-15143 October 2019...

CVE-2019-20553

An issue was discovered on Samsung mobile devices with P9.0 SM6150, SM8150, SM8150FUSION, exynos7885, exynos9610, and exynos9820 chipsets software. Arbitrary memory read and write operations can occur in RKP. The Samsung ID is SVE-2019-15143 October 2019...

CVE-2019-15665

An issue was discovered in Rivet Killer Control Center before 2.1.1352. IOCTL 0x120004 in KfeCo10X64.sys fails to validate an offset passed as a parameter during a memory operation, leading to an arbitrary write primitive that can lead to code execution or escalation of privileges...

Adobe Patches Critical Bugs Affecting Media Encoder and After Effects

Adobe today released out-of-band software updates for After Effects and Media Encoder applications that patch a total of two new critical vulnerabilities. Both critical vulnerabilities exist due to out-of-bounds write memory corruption issues and can be exploited to execute arbitrary code on...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2020-5535)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5535 advisory. - KVM: x86: fix out-of-bounds write in KVMGETEMULATEDCPUID CVE-2019-19332 Paolo Bonzini Orabug: 30658695 CVE-2019-19332 - rtlwifi: Fix potential...

Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2020-5533)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5533 advisory. - rtlwifi: Fix potential overflow on P2P code Laura Abbott Orabug: 30807747 CVE-2019-17666 - rds: fix an infoleak in rdsincinfocopy Kangjie Lu Orabug:...

Amazon Linux 2 : kernel (ALAS-2020-1392)

The version of kernel installed on the remote host is prior to 4.14.165-131.185. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1392 advisory. 2024-05-09: CVE-2019-19965 was added to this advisory. A flaw was found in the Linux kernel. The cryptoreport...

Amazon Linux AMI : kernel (ALAS-2020-1338)

The version of kernel installed on the remote host is prior to 4.14.165-102.185. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1338 advisory. 2024-05-09: CVE-2019-19965 was added to this advisory. A flaw was found in the Linux kernel. The cryptoreport...

UBUNTU-CVE-2020-8517

An issue was discovered in Squid before 4.10. Due to incorrect input validation, the NTLM authentication credentials parser in extlmgroupacl may write to memory outside the credentials buffer. On systems with memory access protections, this can result in the helper process being terminated...

CVE-2019-19273

On Samsung mobile devices with O8.0 and P9.0 software and an Exynos 8895 chipset, RKP aka the Samsung Hypervisor EL2 implementation allows arbitrary memory write operations. The Samsung ID is SVE-2019-16265...

CVE-2019-19273

On Samsung mobile devices with O8.0 and P9.0 software and an Exynos 8895 chipset, RKP aka the Samsung Hypervisor EL2 implementation allows arbitrary memory write operations. The Samsung ID is SVE-2019-16265...

CVE-2019-19273

The CVE-2019-19273 entry concerns Samsung devices with O(8.0)/P(9.0) and Exynos 8895 where RKP (Samsung Hypervisor EL2) permits arbitrary memory write operations. The affected component is the Samsung Hypervisor EL2 implementation (RKP) running on vulnerable Exynos-based Android variants. Underly...

Huawei EulerOS: Security Advisory for libssh2 (EulerOS-SA-2019-1429)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2018-1426)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES12 Security Update : kernel (SUSE-SU-2020:0093-1)

The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2019-20095: mwifiextmcmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c had some error-handling cases that did not free allocated hostcmd memory. Th...

Design/Logic Flaw

An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the 'KVMGETEMULATEDCPUID' ioctl2 request to get CPUID features emulated by the KVM hypervisor. A user or process able to access the '/dev/kvm' device...

CVE-2019-19332

An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the 'KVMGETEMULATEDCPUID' ioctl2 request to get CPUID features emulated by the KVM hypervisor. A user or process able to access the '/dev/kvm' device...

CVE-2019-19332

An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the 'KVMGETEMULATEDCPUID' ioctl2 request to get CPUID features emulated by the KVM hypervisor. A user or process able to access the '/dev/kvm' device...

CVE-2019-19332

CVE-2019-19332 affects the Linux kernel KVM implementation (x86) with an out-of-bounds memory write in handling the KVM_GET_EMULATED_CPUID ioctl, enabling a local user with access to /dev/kvm to crash the system (DoS). Affected range is kernels 3.13–5.4. Root cause described as a missing/bounds-c...

CVE-2019-3863

A flaw was found in libssh2. A server could send a multiple keyboard interactive response messages, whose total length are greater than the unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error. The highest threat from this...