Google Asylo Buffer Error Vulnerability

Google Asylo is a framework for developing trusted applications from Google Inc. in the United States. The software supports the creation of a trusted execution environment, including software isolation and hardware isolation. A security vulnerability exists in Google Asylo version 0.6.0 and...

Denial Of Service (DoS)

tensorflow is vulnerable to denial of service. A unauthorized write to immutable memory region results in a segmentation fault and an application crash...

Google Android Buffer Error Vulnerability

Google Android is a Linux-based open source operating system from Google Inc. in the United States. Google Android Pixel suffers from a buffer error vulnerability that originates when a networked system or product performs an operation in memory without properly validating data boundaries,...

CVE-2020-14305

An out-of-bounds memory write flaw was found in how the Linux kernel’s Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. This flaw allows an unauthenticated remote user to crash the system, causing a denial of service. The highest threat from this...

CVE-2020-25664

A flaw was found in ImageMagick. A specially crafted image could cause an out-of-bounds memory write leading to a crash. The highest threat from this vulnerability is to system availability...

Out-of-bounds

Garmin Forerunner 235 before 8.20 is affected by: Array index error. The component is: ConnectIQ TVM. The attack vector is: To exploit the vulnerability, the attacker must upload a malicious ConnectIQ application to the ConnectIQ store. The ConnectIQ program interpreter fails to check the index...

Security Bulletin: Vulnerability in httpd affects IBM Integrated Analytics System

Summary Redhat provided httpd is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2017-15710 DESCRIPTION: Apache HTTPD is vulnerable to a denial of service, caused by an out-of-bounds memory write error. By...

The vulnerability of the lmp_print_data_link_subobjs() function in the tcpdump utility for capturing and analyzing network traffic allows a hacker to induce a service failure.

The vulnerability of the lmpprintdatalinksubobjs function print-lmp.c in the packet capture and analysis tool tcpdump is related to the operation of writing data out of the buffer into memory. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

Kernel: kvm: OOB memory write via kvm_dev_ioctl_get_cpuid

An out-of-bounds memory write issue was found in the way the Linux kernel's KVM hypervisor handled the 'KVMGETEMULATEDCPUID' ioctl2 request to get CPUID features emulated by the KVM hypervisor. A user or process able to access the '/dev/kvm' device could use this flaw to crash the system, resulti...

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015 are related to writing data beyond the buffer in memory. This allows attackers to execute arbitrary code and disclose protected information.

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015/Reader 2015 are related to data writing beyond the buffer limits in memory. Exploiting these...

CVE-2020-9331

CryptoPro CSP through 5.0.0.10004 on 32-bit platforms allows Local Privilege Escalation by local users with the SeChangeNotifyPrivilege right because user-mode input is mishandled during process creation. An attacker can write arbitrary data to an arbitrary location in the kernel's address space...

CVE-2019-14715

Verifone Pinpad Payment Terminals allow undocumented physical access to the system via an SBI bootloader memory write operation...

Design/Logic Flaw

Verifone Pinpad Payment Terminals allow undocumented physical access to the system via an SBI bootloader memory write operation...

CVE-2019-14715

Verifone Pinpad Payment Terminals allow undocumented physical access to the system via an SBI bootloader memory write operation...

CVE-2020-9870

A logic issue was addressed with improved validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8. An attacker with memory write capability may be able to bypass pointer authentication codes and run arbitrary code...

CVE-2020-9870

A logic issue was addressed with improved validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8. An attacker with memory write capability may be able to bypass pointer authentication codes and run arbitrary code...

CVE-2020-9870

A logic issue was addressed with improved validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8. An attacker with memory write capability may be able to bypass pointer authentication codes and run arbitrary code...

CLSA-2020-1605798462 Fix of 227 CVE

Fix bug 69720: Null pointer dereference in phargetfpoffset - Fix bug 70728: Type Confusion Vulnerability in PHPtoXMLRPCworker - Fix bug 70661: Use After Free Vulnerability in WDDX Packet Deserialization - Fix bug 70741: Session WDDX Packet Deserialization Type Confusion Vulnerability - Fix bug...

Fix of 227 CVE

Fix bug 69720: Null pointer dereference in phargetfpoffset - Fix bug 70728: Type Confusion Vulnerability in PHPtoXMLRPCworker - Fix bug 70661: Use After Free Vulnerability in WDDX Packet Deserialization - Fix bug 70741: Session WDDX Packet Deserialization Type Confusion Vulnerability - Fix bug...

Design/Logic Flaw

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin and the host driver kernel module, in which the potential exists to write to a memory location that is outside the intended boundary of the frame buffer memory allocated to guest operating systems, which may lead to denial of...