The vulnerability of the AMD Secure Processor technology in processors like Ryzen, Ryzen Pro, and Ryzen Mobile allows for writing to the secure area of the processor.

The vulnerability of the AMD Secure Processor-based processors, including Ryzen, Ryzen Pro, and Ryzen Mobile, is related to deficiencies in the implementation of security functions. Exploiting this vulnerability allows an attacker who has access to the targeted computer and possesses administrato...

SUSE-SU-2018:0863-1 Security update for clamav

This update for clamav fixes the following issues: Security issues fixed: - CVE-2012-6706: VMSFDELTA filter inside the unrar implementation allows an arbitrary memory write bsc1045315. - CVE-2017-6419: A heap-based buffer overflow that can lead to a denial of service in libmspack via a crafted CH...

NVIDIA GPU Display Driver Unallocated Memory Write Vulnerability

NVIDIA GPU Display Driver is the GPU Graphics Processing Unit display driver. An unallocated memory write vulnerability exists in the DirectX 10 Usermode driver in the NVIDIA GPU Display Driver. An attacker could exploit this vulnerability via a specially crafted pixel shader to cause a write to...

AMD Ryzen, Ryzen Pro and Ryzen Mobile File Write Vulnerability

AMD Ryzen, Ryzen Pro, and Ryzen Mobile are central processing unit CPU products from AMD in the United States. A security vulnerability exists in AMD Ryzen, Ryzen Pro, and Ryzen Mobile, which arises from a program that makes it difficult to perform adequate access control on the Secure Processor...

openSUSE: Security Advisory for clamav (openSUSE-SU-2018:0825-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security update for clamav (important)

This update for clamav fixes the following issues: Security issues fixed: - CVE-2012-6706: VMSFDELTA filter inside the unrar implementation allows an arbitrary memory write bsc1045315. - CVE-2017-6419: A heap-based buffer overflow that can lead to a denial of service in libmspack via a crafted CH...

openSUSE Security Update : libvorbis (openSUSE-2018-308)

This update for libvorbis fixes the following issues : - CVE-2018-5146: Fixed out of bounds memory write while processing Vorbis audio data bsc1085687. This update was imported from the SUSE:SLE-12:Update update project. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text an...

SUSE SLED12 / SLES12 Security Update : clamav (SUSE-SU-2018:0809-1)

This update for clamav fixes the following issues: Security issues fixed : - CVE-2012-6706: VMSFDELTA filter inside the unrar implementation allows an arbitrary memory write bsc1045315. - CVE-2017-6419: A heap-based buffer overflow that can lead to a denial of service in libmspack via a crafted C...

Debian DLA-1319-1 : firefox-esr security update

Richard Zhu and Huzaifa Sidhpurwala discovered that an out-of-bounds memory write when playing Vorbis media files could result in the execution of arbitrary code. For Debian 7 'Wheezy', these problems have been fixed in version 52.7.2esr-1deb7u1. We recommend that you upgrade your firefox-esr...

[SECURITY] [DLA 1319-1] firefox-esr security update

Package : firefox-esr Version : 52.7.2esr-1deb7u1 CVE ID : CVE-2018-5146 CVE-2018-5147 Richard Zhu and Huzaifa Sidhpurwala discovered that an out-of-bounds memory write when playing Vorbis media files could result in the execution of arbitrary code. For Debian 7 "Wheezy", these problems have been...

SUSE-SU-2018:0809-1 Security update for clamav

This update for clamav fixes the following issues: Security issues fixed: - CVE-2012-6706: VMSFDELTA filter inside the unrar implementation allows an arbitrary memory write bsc1045315. - CVE-2017-6419: A heap-based buffer overflow that can lead to a denial of service in libmspack via a crafted CH...

Debian DLA-1312-1 : libvorbisidec security update

Huzaifa Sidhpurwala discovered that an out-of-bounds memory write in the codebook parsing code of the Libtremor multimedia library could result in the execution of arbitrary code if a malformed Vorbis file is opened. For Debian 7 'Wheezy', these problems have been fixed in version...

[SECURITY] [DLA 1312-1] libvorbisidec security update

Package : libvorbisidec Version : 1.0.2+svn18153-0.2+deb7u1 CVE ID : CVE-2018-5147 Huzaifa Sidhpurwala discovered that an out-of-bounds memory write in the codebook parsing code of the Libtremor multimedia library could result in the execution of arbitrary code if a malformed Vorbis file is opene...

NCR S1 Dispenser controller authentication vulnerability

CR S1 Dispenser controller is a dispenser control board product from NCR Corporation. A security vulnerability exists in the memory write mechanism in the NCR S1 Dispenser controller using firmware version 0x0108. An attacker can exploit this vulnerability to upgrade or downgrade the device...

NCR S2 Dispenser controller authentication vulnerability

NCR S2 Dispenser controller is a dispenser control board product from NCR Corporation. A security vulnerability exists in the memory write mechanism in the NCR S2 Dispenser controller using firmware version 0x0108. An attacker could exploit this vulnerability to upgrade or downgrade the device...

Mozilla Firefox ESR Security Advisories (MFSA2018-08, MFSA2018-08) - Windows

Mozilla Firefox ESR is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Mozilla Firefox Security Advisories (MFSA2018-08, MFSA2018-08) - Mac OS X

Mozilla Firefox is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2018-5717

Memory write mechanism in NCR S2 Dispenser controller before firmware version 0x0108 allows an unauthenticated user to upgrade or downgrade the firmware of the device, including to older versions with known vulnerabilities...

CVE-2017-17668

Memory write mechanism in NCR S1 Dispenser controller before firmware version 0x0156 allows an unauthenticated user to upgrade or downgrade the firmware of the device, including to older versions with known vulnerabilities...

Design/Logic Flaw

Memory write mechanism in NCR S1 Dispenser controller before firmware version 0x0156 allows an unauthenticated user to upgrade or downgrade the firmware of the device, including to older versions with known vulnerabilities...