CVE-2014-9779

arch/arm/mach-msm/qdsp6v2/msmaudioion.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices allows attackers to obtain sensitive information from kernel memory via a crafted offset, aka Android internal bug 28598347 and Qualcomm internal bug CR548679...

Vulnerability of PHP software, allowing a malicious actor to compromise the accessibility of protected information

A vulnerability exists in the cdfcheckstreamoffset function in the cdf.c file of the Fileinfo component in PHP, due to the use of incorrect sector size data. Exploiting this vulnerability allows malicious actors to cause a service failure abnormal termination of the application by utilizing a...

Vulnerability of Python software, which allows a malicious actor to compromise the confidentiality of protected information

In Python, integer overflow allows access to memory contents, provided that larger size and offset values are passed as arguments to the buffer type...

DEBIAN-CVE-2016-4998

The IPTSOSETREPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel before 4.6 allows local users to cause a denial of service out-of-bounds read or possibly obtain sensitive information from kernel heap memory by leveraging in-container root access to provide a crafted...

CVE-2016-4997

The compat IPTSOSETREPLACE and IP6TSOSETREPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of service memory corruption by leveraging in-container root access to provide a crafted offset value that...

CVE-2016-4998

The IPTSOSETREPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel before 4.6 allows local users to cause a denial of service out-of-bounds read or possibly obtain sensitive information from kernel heap memory by leveraging in-container root access to provide a crafted...

CVE-2016-4997

The compat IPTSOSETREPLACE and IP6TSOSETREPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of service memory corruption by leveraging in-container root access to provide a crafted offset value that...

CVE-2016-4540

Removed by vendor...

PHP Information Disclosure Vulnerability (CNVD-2016-02884)

PHP is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. PHP has a security vulnerability that allows remote attackers to exploit a vulnerability to read the 'offset' parameter from arbitrary memory...

PHP Information Disclosure Vulnerability (CNVD-2016-02886)

PHP is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. PHP has a security vulnerability that allows remote attackers to exploit a vulnerability to read the 'offset' parameter from arbitrary memory...

CVE-2016-4541

The graphemestrpos function in ext/intl/grapheme/graphemestring.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service out-of-bounds read or possibly have unspecified other impact via a negative offset...

UBUNTU-CVE-2016-4540

The graphemestripos function in ext/intl/grapheme/graphemestring.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service out-of-bounds read or possibly have unspecified other impact via a negative offset...

UBUNTU-CVE-2016-4541

The graphemestrpos function in ext/intl/grapheme/graphemestring.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service out-of-bounds read or possibly have unspecified other impact via a negative offset...

Mozilla Firefox and Firefox ESR libstagefright buffer overflow vulnerability

Mozilla Firefox and Firefox ESR are both browser products developed by the Mozilla Foundation in the U.S. Firefox is an open-source web browser; Firefox ESR is an extended-support version of Firefox. libstagefright is one of the hard-coding support libraries. A buffer overflow vulnerability exist...

Illustrated CVE-2 0 1 5-1 8 0 5-vulnerability warning-the black bar safety net

CVE-2 0 1 5-1 8 0 5 is a General-purpose linux kernel to any address write arbitrary value of vulnerability, this vulnerability worthy of commemoration, here with four double figure intuitive description about it: ! The initial memory layout ! First copy ! redo the second copy after ! Third copy...

Unbreakable Enterprise kernel security update

kernel-uek 3.8.13-118.4.2 - pipe: Fix buffer offset after partially failed read Ben Hutchings Orabug: 22985903 CVE-2016-0774 CVE-2015-1805 CVE-2016-0774...

Apple Mac OSX Kernel - Code Execution Due to Lack of Bounds Checking in AppleUSBPipe::Abort

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=728 External Method 36 of IOUSBInterfaceUserClient is AbortStreamPipe. It takes two scalar inputs and uses the second one as an array index to read a pointer to a C++ object without checking the bounds then calls a virtual method...

kernel: pipe buffer state corruption after unsuccessful atomic read from pipe

It was found that the fix for CVE-2015-1805 incorrectly kept buffer offset and buffer length in sync on a failed atomic read, potentially resulting in a pipe buffer state corruption. A local, unprivileged user could use this flaw to crash the system or leak kernel memory to user space...

kernel security, bug fix, and enhancement update

2.6.32-573.22.1 - mm always decrement anonvma degree when the vma list is empty Jerome Marchand 1318364 1309898 2.6.32-573.21.1 - fs pipe: fix offset and len mismatch on pipeiovcopytouser failure Seth Jennings 1310148 1302223 CVE-2016-0774 - fs gfs2: Add missing else in transaddmeta/data Robert S...

Sysax Multi Server 6.50 - HTTP File Share SEH Overflow Remote Code Execution

Exploit for windows platform in category remote exploits Exploit Title: Sysax Multi Server 6.50 HTTP File Share SEH Overflow RCE Exploit Date: 03/21/2016 Exploit Author: Paul Purcell Contact: ptpxploit at gmail Vendor Homepage: http://www.sysax.com/ Vulnerable Version Download:...