321 matches found
moinejf abcm2ps buffer overflow vulnerability
moinejf abcm2ps is a command line program that converts music tunes from ABC notation to PostScript or SVG format. The 'getkey' function in the parse.c file and the 'delayedoutput' function in the music.c file in moinejf abcm2ps 8.13.16 and earlier versions have a Buffer Overflow Vulnerability. T...
Xen Project Microarchitectural Data Sampling Speculative Side-Channel Vulnerabilities (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout) (XSA-297)
According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by microarchitectural data sampling speculative side-channel vulnerabilities. These vulnerabilities may allow a local attacker on a guest machine to sample the contents of memory reads and...
mozilla: Integer overflow in Skia
Incorrect convexity calculations in Skia in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page...
CVE-2018-18987
VT-Designer Version 2.1.7.31 is vulnerable by the program populating objects with user supplied input via a file without first checking for validity, allowing attacker supplied input to be written to known memory locations. This may cause the program to crash or allow remote code execution...
openSUSE Security Update : unzip (openSUSE-2018-1124)
This update for unzip fixes the following security issues : - CVE-2014-9913: Specially crafted zip files could trigger invalid memory writes possibly resulting in DoS or corruption bsc1013993 - CVE-2015-7696: Specially crafted zip files with password protection could trigger a crash and lead to...
Security update for unzip (moderate)
This update for unzip fixes the following security issues: - CVE-2014-9913: Specially crafted zip files could trigger invalid memory writes possibly resulting in DoS or corruption bsc1013993 - CVE-2015-7696: Specially crafted zip files with password protection could trigger a crash and lead to...
Kernel: speculative bounds check bypass store
An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions past bounds check. The flaw relies on the presence of a precisely-defined instruction sequence in the privileged code and the fact that memory writes occur to an...
CVE-2017-3197
GIGABYTE BRIX UEFI firmware for the GB-BSi7H-6500 version F6 and GB-BXi7-5775 version F2 platforms does not securely implement BIOSWE, BLE, SMMBWP, and PRx features. As a result, the BIOS is not protected from arbitrary write access and may permit modifications to the SPI flash...
SUSE SLES12 Security Update : qemu (SUSE-SU-2018:1386-1) (Spectre)
This update for qemu fixes several issues. This security issue was fixed : - CVE-2018-3639: Spectre v4 vulnerability mitigation support for KVM guests bsc1092885. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all pri...
CVE-2018-3639
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Stor...
DEBIAN-CVE-2018-10536
An issue was discovered in WavPack 5.1.0 and earlier. The WAV parser component contains a vulnerability that allows writing to memory because ParseRiffHeaderConfig in riff.c does not reject multiple format chunks...
Broadcom BCM43xx Wi-Fi - BroadPWN Denial of Service Exploit
Exploit for Android platform in category dos / poc This Exploit allows arbitrary memory writes and reads. Running the specified payload within this package will write to the device's main CPU kernel, causing it to crash. More information about its origins here: http://boosterok.com/blog/broadpwn2...
CVE-2017-16550
K7 Antivirus Premium before 15.1.0.53 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a specific set of IOCTL calls...
The vulnerability of the FFmpeg multimedia library, which allows a hacker to perform recording beyond the memory limit
The vulnerability of the FFmpeg multimedia library arises from buffer overflows in the stack. Exploiting this vulnerability allows a malicious actor to perform out-of-memory writes, related to the decodezbuf function in libavcodec/pngdec.c...
Debian DLA-980-1 : ming security update
It was found that ming, a library to parse and generate SWF Flash files, is susceptible to an integer overflow that would lead into out of bound memory writes via a maliciously crafted file. For Debian 7 'Wheezy', these problems have been fixed in version 1:0.4.4-1.1+deb7u3. We recommend that you...
Google Chrome V8 JavaScript Engine Out-of-Bounds Write Vulnerability
Google Chrome is a fast, secure and free web browser that is well suited to meet the browser requirements of new types of websites. A security vulnerability exists in the V8 JavaScript Engine in Google Chrome. A remote attacker can exploit the vulnerability to cause out-of-bounds memory writes wi...
Google Chrome Buffer Overflow Vulnerability (CNVD-2017-06708)
Google Chrome is a fast, secure and free web browser that is well suited to meet the browser requirements of new types of websites. An integer overflow vulnerability exists in FFmpeg in Google Chrome. A remote attacker can exploit this vulnerability to cause out-of-bounds memory writes with the...
Google Chrome Buffer Overflow Vulnerability (CNVD-2017-06710)
Google Chrome is a fast, secure and free web browser that is well suited to meet the browser requirements of new types of websites. An integer overflow vulnerability exists in FFmpeg in Google Chrome. A remote attacker can exploit this vulnerability to cause out-of-bounds memory writes with the...
Mozilla: Out-of-bounds write in ClearKeyDecryptor (MFSA 2017-11, MFSA 2017-12)
An out-of-bounds write in "ClearKeyDecryptor" while decrypting some Clearkey-encrypted media content. The "ClearKeyDecryptor" code runs within the Gecko Media Plugin GMP sandbox. If a second mechanism is found to escape the sandbox, this vulnerability allows for the writing of arbitrary data with...
SUSE SLES11 Security Update : gstreamer-0_10-plugins-good (SUSE-SU-2017:0225-1)
gstreamer-010-plugins-good was updated to fix six security issues. These security issues were fixed : - CVE-2016-9634: Invalid FLIC files could have caused and an out-of-bounds write bsc1012102 - CVE-2016-9635: Invalid FLIC files could have caused and an out-of-bounds write bsc1012103 -...