137 matches found
CVE-2021-31885
A vulnerability has been identified in APOGEE MBC PPC BACnet All versions, APOGEE MBC PPC P2 Ethernet All versions, APOGEE MEC PPC BACnet All versions, APOGEE MEC PPC P2 Ethernet All versions, APOGEE PXC Compact BACnet All versions = V2.3 and = V2.3 and = V2.3 and = V2.3 and = V2.3 and = V2.3 and...
CVE-2021-22552
The CVE-2021-22552 entry concerns Google Asylo up to version 0.6.1, where an untrusted memory read vulnerability exists. The issue arises when an attacker can pass a syscall number in MessageReader, which is then used by sysno() and can bypass validation, enabling memory reads from within the sec...
Apple CoreMedia Buffer Error Vulnerability
Apple CoreMedia is an Apple Inc. core component used in mobile devices for processing media data. Apple CoreMedia suffers from a buffer error vulnerability that exists due to a boundary condition within the CoreMedia component in macOS. A remote attacker could create a specially crafted image and...
CVE-2020-8943
An arbitrary memory read vulnerability in Asylo versions up to 0.6.0 allows an untrusted attacker to make a call to encuntrustedrecvfrom whose return size was not validated against the requested size. The parameter size is unchecked allowing the attacker to read memory locations outside of the...
CVE-2020-8940 Unchecked buffer overrun in enc_untrusted_recvmsg
An arbitrary memory read vulnerability in Asylo versions up to 0.6.0 allows an untrusted attacker to make a call to encuntrustedrecvmsg using an attacker controlled result parameter. The parameter size is unchecked allowing the attacker to read memory locations outside of the intended buffer size...
CVE-2019-8633
A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3, tvOS 12.3, watchOS 5.3. An application may be able to read restricted memory...
Multiple Apple Products WebKit Component Competitive Conditions Vulnerability
Apple iOS is an operating system developed for mobile devices.Apple tvOS is an operating system for smart TVs.Apple iPadOS is an operating system for iPad tablets.WebKit is one of the web browser engine components. A competitive condition exists in the WebKit component of several Apple products. ...
Input validation
A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Catalina 10.15.3. An application may be able to read restricted memory...
Apple macOS Catalina Wi-Fi Component Input Validation Error Vulnerability
Apple macOS Catalina is a specialized operating system developed by Apple Inc. for Mac computers. A security vulnerability exists in the Wi-Fi component of Apple macOS Catalina prior to version 10.15.3. An attacker can exploit the vulnerability to read restricted memory with the help of an...
CVE-2019-3016
In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. This problem is limit to the host running linux kernel 4.10 with a guest running linux kernel 4.16 or later. The problem mainly affects AMD...
Apple macOS Mojave AppleGraphicsControl Component Out-of-Bounds Read Vulnerability
Apple macOS Mojave is an Apple operating system developed specifically for Mac computers.Apple Graphics Control is one of the integrated graphics drivers. A security vulnerability exists in the Apple GraphicsControl component of Apple macOS Mojave versions prior to 10.14.6. An attacker could...
UBUNTU-CVE-2019-14861
All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the poorly named dnsserver RPC pipe provides administrative facilities to modify DNS records and zones. Samba, when acting as an AD DC, stores DNS records in LDAP. In AD, the default...
CVE-2017-1000381
The c-ares function aresparsenaptrreply, which is used for parsing NAPTR responses, could be triggered to read memory outside of the given input buffer if the passed in DNS response packet was crafted in a particular way...
SUSE-SU-2019:1123-1 Security update for yubico-piv-tool
This update for yubico-piv-tool fixes the following issues: Security issues fixed: - Fixed an buffer overflow and an out of bounds memory read in ykpivtransferdata, which could be triggered by a malicious token. CVE-2018-14779, bsc1104809, YSA-2018-03 - Fixed an buffer overflow and an out of boun...
CVE-2018-1000852
FreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3 contains a Other/Unknown vulnerability in channels/drdynvc/client/drdynvcmain.c, drdynvcprocesscapabilityrequest that can result in The RDP server can read the client's memory.. This attack appear to...
UBUNTU-CVE-2018-18359
Incorrect handling of Reflect.construct in V8 in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page...
Apple macOS Out-of-Bounds Read Vulnerability
macOS is Apple's proprietary operating system for the Mac line of products. An out-of-bounds read vulnerability exists in the ATS component in Apple macOS Sierra 10.12.6, macOS High Sierra 10.13.6. An attacker can exploit the vulnerability to read restricted memory via an application...
Apple macOS High Sierra AppleGraphicsControl Memory Read Vulnerability
Apple macOS High Sierra is a specialized operating system developed by Apple for Mac computers.AppleGraphicsControl is one of the integrated graphics drivers. A memory read vulnerability exists in the AppleGraphicsControl component of Apple macOS High Sierra version 10.13.6, which can be exploite...
Apple macOS High Sierra Intel Graphics Driver Memory Read Vulnerability
Apple macOS High Sierra is a dedicated operating system developed by Apple for Mac computers.Intel Graphics Driver is one of the drivers for the graphics card. A security vulnerability exists in the Intel Graphics Driver component of Apple macOS High Sierra version 10.13.6. The vulnerability can ...
hw: cpu: speculative store bypass
An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions a commonly used performance optimization. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the...