114 matches found
Design/Logic Flaw
E6878-370 with versions of 10.0.3.1H557SP27C233, 10.0.3.1H563SP1C00, 10.0.3.1H563SP1C233 has a use after free vulnerability. The software references memory after it has been freed in certain scenario, the attacker does a series of crafted operations through web portal, successful exploit could...
Security Advisory - Use After Free Vulnerability in Several Products
There is a use after free vulnerability in several products. The software references memory after it has been freed in certain scenario, the attacker does a series of crafted operations through web portal, successful exploit could cause a use after free condition which may lead to malicious code...
Authentication flaw
In http.c in Embedthis GoAhead before 4.1.1 and 5.x before 5.0.1, a header parsing vulnerability causes a memory assertion, out-of-bounds memory reference, and potential DoS, as demonstrated by a colon on a line by itself...
CVE-2019-12822
In http.c in Embedthis GoAhead before 4.1.1 and 5.x before 5.0.1, a header parsing vulnerability causes a memory assertion, out-of-bounds memory reference, and potential DoS, as demonstrated by a colon on a line by itself...
CVE-2019-12822
In http.c in Embedthis GoAhead before 4.1.1 and 5.x before 5.0.1, a header parsing vulnerability causes a memory assertion, out-of-bounds memory reference, and potential DoS, as demonstrated by a colon on a line by itself...
Denial Of Service (DoS)
libsass.so is vulnerable to denial of service DoS. Failure to validate empty reference combinators in Inspect::operator causes an invalid memory reference, resulting in an application crash...
Design/Logic Flaw
NVIDIA Tegra library contains a vulnerability in libnvmmlitevideo.so, where referencing memory after it has been freed may lead to denial of service or possible escalation of privileges. Android ID: A-80433161...
CVE-2018-18989
In CX-One Versions 4.42 and prior CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior, when processing project files, the application fails to check if it is referencing freed memory. An attacker could use a specially crafted project file to exploit and execute code unde...
Code injection
When processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior, the application fails to check if it is referencing freed memory, which may allow an attacker to execute code under the context of the application...
CVE-2018-1000807
Python Cryptographic Authority pyopenssl version prior to version 17.5.0 contains a CWE-416: Use After Free vulnerability in X509 object handling that can result in Use after free can lead to possible denial of service or remote code execution.. This attack appear to be exploitable via Depends on...
CVE-2017-1000198
tcmu-runner daemon version 0.9.0 to 1.2.0 is vulnerable to invalid memory references in the handlerglfs.so handler resulting in denial of service...
Code injection
The W3C High Resolution Time API, as implemented in various web browsers, does not consider that memory-reference times can be measured by a performance.now "Time to Tick" approach even with the https://bugzilla.mozilla.org/showbug.cgi?id=1167489c9 protection mechanism in place, which makes it...
CVE-2017-5928
The W3C High Resolution Time API, as implemented in various web browsers, does not consider that memory-reference times can be measured by a performance.now "Time to Tick" approach even with the https://bugzilla.mozilla.org/showbug.cgi?id=1167489c9 protection mechanism in place, which makes it...
CVE-2017-5928
The W3C High Resolution Time API, as implemented in various web browsers, does not consider that memory-reference times can be measured by a performance.now "Time to Tick" approach even with the https://bugzilla.mozilla.org/showbug.cgi?id=1167489c9 protection mechanism in place, which makes it...
CVE-2017-5928
CVE-2017-5928 maps to a timing-related vulnerability in the W3C High Resolution Time API. The issue arises because memory-reference times can be measured in ways Cited as a “Time to Tick” approach, which bypasses protection mechanisms (e.g., Mozilla’s 1167489#c9) and facilitates AnC-style attacks...
Adobe Flash Player & Compiler内存错误引用漏洞(CNVD-2015-07616)
No description provided by source...
Adobe Flash Player/AIR Memory Error Reference Vulnerability (CNVD-2015-06881)
FlashPlayer is a high-performance, lightweight and very expressive client-side runtime player. Adobe AIR is a technology developed for the integration of web and desktop applications. A memory misreference vulnerability exists in the implementation of Adobe Flash Player/AIR. A remote attacker can...
Hex Workshop 6.0 - (ColorMap files .cmap) Invalid Memory Reference PoC
No description provided by source. !/usr/bin/perl -w Hex Workshop v6 ColorMap files .cmap Invalid Memory Reference Crash POC Discovred by : DATASNIPER for more information vist my blog:http://datasniper.arab4services.net/ the Exploit it's very hard to implemented,if we can make the reference poin...
libjpeg multiple security vulnerabilities
Buffer overflow, uninitialized memory reference...
SuSE 11.1 Security Update : finch, libpurple and pidgin (SAT Patch Number 6294)
Various remote triggerable crashes in pidgin have been fixed : - In some situations the MSN server sends text that isn't UTF-8 encoded, and Pidgin fails to verify the text's encoding. In some cases this can lead to a crash when attempting to display the text . CVE-2012-1178 - Incoming messages wi...