UBUNTU-CVE-2018-6149

Type confusion in JavaScript in Google Chrome prior to 67.0.3396.87 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page...

CVE-2019-5785

CVE-2019-5785: An integer overflow in Skia led to potential arbitrary code execution via a crafted HTML page. Affected products include Google Chrome (Skia) prior to 72.0.3626.81 and Mozilla components used by Thunderbird/Firefox (e.g., Skia in Thunderbird before 60.5.1). Mitigation: patch Chrome...

CVE-2019-5785

Incorrect convexity calculations in Skia in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page...

CVE-2019-5785

Incorrect convexity calculations in Skia in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page...

CVE-2018-6149

Type confusion in JavaScript in Google Chrome prior to 67.0.3396.87 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page...

CVE-2018-6149

CVE-2018-6149: Out-of-bounds write in the V8 JavaScript engine of Chromium/Google Chrome prior to 67.0.3396.87. A remote attacker could exploit this via a crafted webpage to execute arbitrary code. Remediation: upgrade to 67.0.3396.87 or newer (upstream fix). Connected sources note the issue and ...

CVE-2018-6149

Removed by vendor...

The vulnerability of the mendex application, which is part of the TeX Live computer typesetting system, allows a hacker to cause a service failure.

The vulnerability of the mendex application, which is part of the TeX Live computer typesetting system, is related to overflow errors during the processing of command lines. Exploiting this vulnerability can allow an attacker to cause a service failure by sending commands with specially crafted...

CVE-2019-2250

Kernel can write to arbitrary memory address passed by user while freeing/stopping a thread in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in QCS605, SD 675, SD 712 / SD 710 / SD 670, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SM7150, SXR1130...

Denial Of Service (DoS)

Apache HTTPD modauthnzldap is vulnerable to denial of serviceDoS attacks if configured with AuthLDAPCharsetConfig. A remote user could send a specially crafted Accept-Language header value to trigger an out-of-bounds memory write error and potentially cause the target service to crash...

Out-of-Bounds Write

Firefox Firefox ESR and Thunderbird are vulnerable to out-of-bounds Writes. A memory write error may occur when the Mozilla Updater opens a MAR format file that contains a very long item filename allowing remote unauthenticated attackers to cause denial of service conditions...

EulerOS Virtualization for ARM 64 3.0.1.0 : binutils (EulerOS-SA-2019-1377)

According to the versions of the binutils package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - concatfilename in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.30,...

Apple Mac OS X Security Updates (HT210119) - 02

Apple Mac OS X is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2018-4029

An exploitable code execution vulnerability exists in the HTTP request-parsing function of the NT9665X Chipset firmware running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause an unlimited and arbitrary write to memory, resulting in code execution...

Remote code execution

An exploitable code execution vulnerability exists in the HTTP request-parsing function of the NT9665X Chipset firmware running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause an unlimited and arbitrary write to memory, resulting in code execution...

mozilla: Integer overflow in Skia

Incorrect convexity calculations in Skia in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page...

Mozilla: Ionmonkey type confusion with __proto__ mutations

Incorrect handling of proto mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and write. This vulnerability affects Firefox 66.0.1, Firefox ESR 60.6.1, and Thunderbird 60.6.1...

Novatek NT9665X HFS Recv buffer overflow code execution vulnerability

Summary An exploitable code execution vulnerability exists in the HTTP request-parsing function of the NT9665X Chipset firmware running on the Anker Roav A1 Dashcam, version “RoavA1SWV1.9.” A specially crafted packet can cause an unlimited and arbitrary write to memory, resulting in code executio...

EulerOS Virtualization 2.5.3 : libssh2 (EulerOS-SA-2019-1362)

According to the versions of the libssh2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 in the way packets are read from th...

CVE-2019-11037

In PHP imagick extension in versions between 3.3.0 and 3.4.4, writing to an array of values in ImagickKernel::fromMatrix function did not check that the address will be within the allocated array. This could lead to out of bounds write to memory if the function is called with the data controlled ...