1085 matches found
USN-3847-1 linux, linux-aws, linux-azure, linux-gcp, linux-kvm, linux-oem, linux-raspi2 vulnerabilities
It was discovered that a race condition existed in the raw MIDI driver for the Linux kernel, leading to a double free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2018-10902 It was discovered that an integer overr...
CVE-2018-18445
In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjustscalarminmaxvals in kernel/bpf/verifier.c mishandles 32-bit right shifts...
CVE-2018-18445
In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjustscalarminmaxvals in kernel/bpf/verifier.c mishandles 32-bit right shifts...
CVE-2018-18445
In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjustscalarminmaxvals in kernel/bpf/verifier.c mishandles 32-bit right shifts...
UBUNTU-CVE-2018-18445
In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjustscalarminmaxvals in kernel/bpf/verifier.c mishandles 32-bit right shifts...
python-django: Open redirect and possible XSS attack via user-supplied numeric redirect URLs
A redirect flaw, where the issafeurl function did not correctly sanitize numeric-URL user input, was found in python-django. A remote attacker could exploit this flaw to perform XSS attacks against the OpenStack dashboard...
Delta Electronics CNCSoft and ScreenEditor Out-of-Bounds Read Vulnerability
Delta Electronics CNCSoft and ScreenEditor are products of Delta Electronics, a CNC machine simulation system software and ScreenEditor, a HMI programming software. An out-of-bounds read vulnerability exists in Delta Electronics CNCSoft version 1.00.83 and earlier and ScreenEditor version 1.00.54...
mruby number error vulnerability
mruby is a lightweight implementation of the Ruby language. A numeric error vulnerability exists in mruby. An attacker can exploit this vulnerability to access memory across boundaries...
EXGROUP Numeric Error Vulnerability
EXGROUP is an Ether-based digital currency. An integer overflow vulnerability exists in the 'mintToken' function in EXGROUP's smart contract implementation. An attacker can exploit this vulnerability to set the balance of any user to an arbitrary value...
The vulnerability of the Qualcomm Video Services component in the Android operating system allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of Qualcomm Video Services on the Android operating system is due to a numerical overflow condition. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
Multiple Dell Products Brute Force Vulnerabilities
Dell EMC iDRAC6, among others, is a system management solution that includes both hardware and software from Dell USA. The solution provides remote management, crash system recovery and power control for Dell PowerEdge systems. A security vulnerability exists in multiple Dell products that stems...
PT-2018-6057
Name of the Vulnerable Software and Affected Versions: Request versions 2.2.6 through 2.46.9 Request versions 2.51.0 through 2.67.0 Description: The issue affects the Request library when a multipart request is made and the body type is a number. In such cases, a buffer of the specified size is...
CVE-2017-17315
Huawei DP300 V500R002C00; RP200 V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have a numeric errors vulnerability. An unauthenticated, remote attacker may send specially crafted SCC...
Input validation
Huawei DP300 V500R002C00; RP200 V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have a numeric errors vulnerability. An unauthenticated, remote attacker may send specially crafted SCC...
CVE-2017-17315
Huawei DP300 V500R002C00; RP200 V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have a numeric errors vulnerability. An unauthenticated, remote attacker may send specially crafted SCC...
CVE-2017-17315
The CVE-2017-17315 issue affects Huawei DP300 (V500R002C00), RP200 (V600R006C00), TE30/V500R002C00, TE40/V500R002C00, TE50/V500R002C00, TE60/V100R001C10, and related V600R006C00 variants. Root cause: improper validation of specially crafted SCCP messages, leading to numeric errors when handling m...
CVE-2017-17315
Huawei DP300 V500R002C00; RP200 V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have a numeric errors vulnerability. An unauthenticated, remote attacker may send specially crafted SCC...
Security Advisory - Numeric Errors Vulnerability in Some Huawei Products
Some Huawei products have a numeric errors vulnerability. An unauthenticated, remote attacker may send specially crafted SCCP messages to the affected products. Due to the improper validation of the messages, it will cause numeric errors when handling the messages. Successful exploit will cause...
The vulnerability of the Qualcomm EXIF analyzer in the Android operating system allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the Qualcomm EXIF analyzer for the Android operating system is due to a numerical overflow condition. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
WordPress Responsive Cookie Consent plugin authentication cross-site scripting vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform using PHP language development, the platform supports in PHP and MySQL server set up personal blog site.Responsive Cookie Consent plugin is used in which a cookie confirmation plugin. A security vulnerability exists in...