116 matches found
CVE-2019-14099
Device misbehavior may be observed when incorrect offset, length or number of buffers is passed by user space in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8053, MDM9206, MDM9207C...
Buffer overflow
Device misbehavior may be observed when incorrect offset, length or number of buffers is passed by user space in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8053, MDM9206, MDM9207C...
CVE-2019-14099
CVE-2019-14099 affects Qualcomm Snapdragon devices (multiple product lines) where device misbehavior occurs if user-space passes an incorrect offset, length, or number of buffers. The Initial Description lists affected Snapdragon families (Auto, Compute, Consumer IoT, Industrial IoT, Mobile, Voic...
Debian DSA-4711-1 : coturn - security update
Several vulnerabilities were discovered in coturn, a TURN and STUN server for VoIP. - CVE-2020-4067 Felix Doerre reported that the STUN response buffer was not properly initialised, which could allow an attacker to leak bytes in the padding bytes from the connection of another client. -...
[SECURITY] [DSA 4711-1] coturn security update
Debian Security Advisory DSA-4711-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 29, 2020 https://www.debian.org/security/faq -...
Updated coturn packages fix security vulnerability
Updated the coturn package in order to fix some security vulnerabilities: httpserver.c: An exploitable heap overflow vulnerability exists in the way CoTURN 4.5.1.1 web server parses POST requests. A specially crafted HTTP POST request can lead to information leaks and other misbehavior. An attack...
CVE-2020-6061
An exploitable heap out-of-bounds read vulnerability exists in the way CoTURN 4.5.1.1 web server parses POST requests. A specially crafted HTTP POST request can lead to information leaks and other misbehavior. An attacker needs to send an HTTPS request to trigger this vulnerability...
Heap overflow
An exploitable heap out-of-bounds read vulnerability exists in the way CoTURN 4.5.1.1 web server parses POST requests. A specially crafted HTTP POST request can lead to information leaks and other misbehavior. An attacker needs to send an HTTPS request to trigger this vulnerability...
CVE-2020-6061
An exploitable heap out-of-bounds read vulnerability exists in the way CoTURN 4.5.1.1 web server parses POST requests. A specially crafted HTTP POST request can lead to information leaks and other misbehavior. An attacker needs to send an HTTPS request to trigger this vulnerability...
GHSA-5W65-6875-RHQ8 Undefined Behavior in sailsjs-cacheman
All versions of sailsjs-cacheman have a vulnerability that may lead to Undefined Behavior. The config variable is exposed to the global scope, which may overwrite other variables and cause the application to misbehave. Recommendation: No fix is currently available. Consider using an alternative...
UBUNTU-CVE-2018-15470
An issue was discovered in Xen through 4.11.x. The logic in oxenstored for handling writes depended on the order of evaluation of expressions making up a tuple. As indicated in section 7.7.3 "Operations on data structures" of the OCaml manual, the order of evaluation of subexpressions is not...
DNS Diagnostics & Performance Measurement Tools: DNSDiag
Ever wondered whether your ISP is hijacking your DNS traffic? Ever observed any misbehavior with your DNS responses? Ever been redirected to the wrong address and suspected something is wrong with your DNS? Here we have a set of tools to perform basic audits on your DNS requests and responses to ma...
PHP 7.1.2 fsockopen Misbehavior
SEC Consult Vulnerability Lab Security Advisory title: Misbehavior of the "fsockopen" function product: PHP vulnerable version: 7.1.2 fixed version: CVE number: CVE-2017-7272 impact: Medium homepage: http://www.php.net/ found...
FreeBSD -- Possible login(1) argument injection in telnetd(8)
Problem Description: An unexpected sequence of memory allocation failures combined with insufficient error checking could result in the construction and execution of an argument sequence that was not intended. Impact: An attacker who controls the sequence of memory allocation failures and success...
CVE-2016-4603
Web Media in Apple iOS before 9.3.3 allows attackers to bypass the Private Browsing protection mechanism and obtain sensitive video URL information by leveraging Safari View Controller misbehavior...
Comment field on GH cards do not respect the comment visibility.
If you add the Comment field on any Issue Views on GH the field shows the latest comment but it doesn't inherit the comment visibility from Jira. This misbehaviour happens on Planning board and Task board with any GH views Summaries, Cards and Lists. Steps to Reproduce: Add the comment field to a...