CVE-2018-5886

CVE-2018-5886 describes a vulnerability where a pointer in an ADSPRPC command is not properly validated in CAF Android builds using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android). The root cause is improper validation of a pointer in the ADSPRPC path, which can allow access t...

Null pointer dereference

Kernel drivers in Beckhoff TwinCAT 3.1 Build 4022.4, TwinCAT 2.11 R3 2259, and TwinCAT 3.1 lack proper validation of user-supplied pointer values. An attacker who is able to execute code on the target may be able to exploit this vulnerability to obtain SYSTEM privileges...

CVE-2018-7502

Kernel drivers in Beckhoff TwinCAT 3.1 Build 4022.4, TwinCAT 2.11 R3 2259, and TwinCAT 3.1 lack proper validation of user-supplied pointer values. An attacker who is able to execute code on the target may be able to exploit this vulnerability to obtain SYSTEM privileges...

CVE-2018-7502

Kernel drivers in Beckhoff TwinCAT 3.1 Build 4022.4, TwinCAT 2.11 R3 2259, and TwinCAT 3.1 lack proper validation of user-supplied pointer values. An attacker who is able to execute code on the target may be able to exploit this vulnerability to obtain SYSTEM privileges...

CVE-2018-7502

Kernel drivers in Beckhoff TwinCAT 3.1 Build 4022.4, TwinCAT 2.11 R3 2259, and TwinCAT 3.1 lack proper validation of user-supplied pointer values. An attacker who is able to execute code on the target may be able to exploit this vulnerability to obtain SYSTEM privileges...

Google Android Qualcomm Component Unauthorized Operation Vulnerability (CNVD-2017-26847)

Android is a Linux-based open-source operating system developed by Google and the Open Handheld Alliance OHA, and Qualcomm closed-source components are among the closed-source components developed by Qualcomm. A security vulnerability exists in the Qualcomm closed-source component in Android, whi...

CVE-2015-9060

In all Qualcomm products with Android releases from CAF using the Linux kernel, a pointer is not properly validated in a QTEE system call...

Design/Logic Flaw

In all Qualcomm products with Android releases from CAF using the Linux kernel, a pointer is not properly validated in a QTEE system call...

CVE-2015-8592

CVE-2015-8592 describes a vulnerability in Qualcomm closed‑source components used in Android CAF Linux builds where a reverse‑referenced pointer is not validated before dereference, potentially causing Guest‑OS memory corruption. Affected: Qualcomm components integrated into Android CAF/Linux ker...

CVE-2015-9060

CVE-2015-9060 affects Qualcomm products with CAF Android builds using the Linux kernel. The issue is a pointer validation flaw in a QTEE system call, as described in the CVE description. The connected documents confirm the root cause (improper pointer validation) and the affected context (Qualcom...

CVE-2015-9060

In all Qualcomm products with Android releases from CAF using the Linux kernel, a pointer is not properly validated in a QTEE system call...

CVE-2015-8592

In all Qualcomm products with Android releases from CAF using the Linux kernel, a pointer is not validated prior to being dereferenced potentially resulting in Guest-OS memory corruption...

Integer overflow

Integer overflow in layout.c++ in Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.1 allows remote peers to cause a denial of service or possibly obtain sensitive information from memory via a crafted message, related to pointer validation...

CVE-2015-2310

Integer overflow in layout.c++ in Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.1 allows remote peers to cause a denial of service or possibly obtain sensitive information from memory via a crafted message, related to pointer validation...

CVE-2015-2310

Integer overflow in layout.c++ in Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.1 allows remote peers to cause a denial of service or possibly obtain sensitive information from memory via a crafted message, related to pointer validation...

CVE-2015-2310

Summary (CVE-2015-2310) : An integer overflow in Sandstorm Cap'n Proto’s layout.c++ causes a vulnerability when processing crafted messages. Affected versions are Cap'n Proto prior to 0.4.1.1 and 0.5.x prior to 0.5.1.1. The flaw, related to pointer validation, can allow remote peers to trigger a ...

CVE-2015-2310

Integer overflow in layout.c++ in Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.1 allows remote peers to cause a denial of service or possibly obtain sensitive information from memory via a crafted message, related to pointer validation...

Google Android Unauthorized Operation Vulnerability (CNVD-2017-11472)

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. A security vulnerability exists in Android that stems from a QTEE system call that fails to validate a pointer. An attacker can exploit the vulnerability to perform unauthorized...

CVE-2015-9033

In all Android releases from CAF using the Linux kernel, a QTEE system call fails to validate a pointer...

CVE-2015-9033

CVE-2015-9033 is an Android CAF/Linux kernel issue where a QTEE system call fails to validate a pointer. Reported as a local vulnerability with high impact (confidentiality, integrity, availability) and requiring user interaction. Public references describe the root cause as pointer validation fa...