425 matches found
Multiple Apple Products Kernel Out-of-Bounds Read Vulnerability
Apple iOS is an operating system developed for mobile devices; macOS Sierra, macOS High Sierra, and macOS Mojave are different versions of a specialized operating system developed for Mac computers; tvOS is a smart TV operating system. Kernel is one of the kernel components. An out-of-bounds read...
Valve: GoldSrc: Buffer Overflow in DELTA_ParseDelta function leads to RCE
Description The bug is triggered by 2 packets. First one is svcdeltadescription which describes memory layout of such structures as eventt, weapondatat, ... It is sent as a list of fields' descriptions: type, offset and others. Next, DELTAParseDelta fills these structures when corresponding delta...
Multiple Apple Products Kernel Information Disclosure Vulnerability
Apple iOS, tvOS, watchOS, and macOS High Sierra are products of Apple Inc. Apple iOS is an operating system for mobile devices; tvOS is a smart TV operating system; watchOS is a smart watch operating system; and macOS High Sierra is a specialized operating system developed for Mac computers. Sier...
Integer overflow
A pointer overflow, with code execution, was discovered in ZeroMQ libzmq aka 0MQ 4.2.x and 4.3.x before 4.3.1. A v2decoder.cpp zmq::v2decodert::sizeready integer overflow allows an authenticated attacker to overwrite an arbitrary amount of bytes beyond the bounds of a buffer, which can be leverag...
CVE-2019-6250
A pointer overflow, with code execution, was discovered in ZeroMQ libzmq aka 0MQ 4.2.x and 4.3.x before 4.3.1. A v2decoder.cpp zmq::v2decodert::sizeready integer overflow allows an authenticated attacker to overwrite an arbitrary amount of bytes beyond the bounds of a buffer, which can be leverag...
DEBIAN-CVE-2018-20022
LibVNC before 2f5b2ad1c6c99b1ac6482c95844a84d66bb52838 contains multiple weaknesses CWE-665: Improper Initialization vulnerability in VNC client code that allows attacker to read stack memory and can be abuse for information disclosure. Combined with another vulnerability, it can be used to leak...
Adobe Acrobat Reader DC Text Field Value Remote Code Execution Vulnerability
Summary A specific JavaScript code embedded in a PDF file can lead to a heap corruption when opening a PDF document in Adobe Acrobat Reader DC 2019.8.20071. With careful memory manipulation, this can lead to arbitrary code execution. In order to trigger this vulnerability, the victim would need t...
CVE-2018-4171
An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Bluetooth" component. It allows attackers to obtain sensitive kernel memory-layout information via a crafted app that leverages device properties...
CVE-2018-4171
CVE-2018-4171 affects macOS Bluetooth in macOS before 10.13.5. The vulnerability, an information-disclosure issue in the Bluetooth component, allows a crafted application (leveraging device properties) to obtain sensitive kernel memory-layout information. Apple’s security update HT208849 for macO...
CVE-2018-4171
An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Bluetooth" component. It allows attackers to obtain sensitive kernel memory-layout information via a crafted app that leverages device properties...
Apple macOS High Sierra Bluetooth Information Disclosure Vulnerability
Apple macOS High Sierra is a specialized operating system developed by Apple for Mac computers.Bluetooth is one of the Bluetooth components. A security vulnerability exists in the device properties of the Bluetooth component in Apple macOS High Sierra versions prior to 10.13.5. An attacker can...
CVE-2018-4990 Adobe Reader code execution exploit analysis-exploit warning-the black bar safety net
2018 5 on 15 September, ESET released the article“A tale of two zero-days”, the article disclosed this year 3 month ESET in malware scan engine VirusTotal on the capture of the one used to attack the test PDF document. The PDF document contains a sample of two pieces of 0-day Vulnerability,...
Integrated GPUs may allow side-channel and rowhammer attacks using WebGL ("Glitch")
Overview Some platforms with integrated GPUs, such as smartphones, may allow both side-channel and rowhammer attacks via WebGL, which may allow a remote attacker to compromise the browser on an affected platform. An attack technique that leverages these vulnerabilities is called "GLitch."...
kernel: Missing permission check in move_pages system call
The movepages system call in mm/migrate.c in the Linux kernel doesn't check the effective uid of the target process. This enables a local attacker to learn the memory layout of a setuid executable allowing mitigation of ASLR...
kernel: Missing permission check in move_pages system call
The movepages system call in mm/migrate.c in the Linux kernel doesn't check the effective uid of the target process. This enables a local attacker to learn the memory layout of a setuid executable allowing mitigation of ASLR...
BlackBerry QNX Software Development Platform Information Disclosure Vulnerability
The BlackBerry QNX Software Development Platform SDP is a suite of software development platforms from BlackBerry Canada dedicated to the development of software based on the QNX system. An information disclosure vulnerability exists in the default configuration of QNX SDP in BlackBerry QNX SDP...
BlackBerry QNX Software Development Platform Information Disclosure Vulnerability (CNVD-2017-37268)
The BlackBerry QNX Software Development Platform SDP is a suite of software development platforms from BlackBerry Canada dedicated to the development of software based on the QNX system. An information disclosure vulnerability exists in the default configuration of the QNX SDP in BlackBerry QNX S...
CVE-2017-9369
In BlackBerry QNX Software Development Platform SDP 6.6.0 and 6.5.0 SP1 and earlier, an information disclosure vulnerability in the default configuration of the QNX SDP could allow an attacker to gain information relating to memory layout of higher privileged processes by manipulating environment...
CVE-2017-3892
In BlackBerry QNX Software Development Platform SDP 6.6.0, an information disclosure vulnerability in the default configuration of the QNX SDP could allow an attacker to gain information relating to memory layout that could be used in a blended attack by executing commands targeting procfs...
Information disclosure
In BlackBerry QNX Software Development Platform SDP 6.6.0, an information disclosure vulnerability in the default configuration of the QNX SDP could allow an attacker to gain information relating to memory layout that could be used in a blended attack by executing commands targeting procfs...