retdec 缓冲区错误漏洞

RetDec is a redirectable machine code decompiler based on LLVM. A heap buffer overflow vulnerability exists in the canSplitFunctionOn function of irmodifications.cpp in RetDec version 3.3. An attacker can exploit this vulnerability to cause an out-of-bounds read, which can lead to a denial of...

CVE-2020-7068

In PHP versions 7.2.x below 7.2.33, 7.3.x below 7.3.21 and 7.4.x below 7.4.9, while processing PHAR files using phar extension, pharparsezipfile could be tricked into accessing freed memory, which could lead to a crash or information disclosure...

CVE-2018-8239

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka "Windows GDI Information Disclosure Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers...

Windows Kernel stack memory disclosure in nt!NtQueryInformationProcess(CVE-2017-8476)

We have discovered that the nt!NtQueryInformationProcess system call called with the ProcessVmCounters information class discloses portions of uninitialized kernel stack memory to user-mode clients, due to output structure alignment holes. On our test Windows 10 32-bit workstation, an example...

Gentoo Security Advisory GLSA 200504-18 (Mozilla)

The remote host is missing updates announced in advisory GLSA 200504-18. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...