Heap-based Buffer Overflow in vim/vim
✍️ Description Hello, we hope this message finds you well during these challenging times. Whilst testing vim built from commit deba5e with Ubuntu clang version 12.0.0-3ubuntu120.04.3 and Address Sanitizer, we discovered crafted input which triggers a heap-buffer-overflow, WRITE of size 15. Please...
Prototype Pollution
Overview jsonpointer is a Simple JSON Addressing. Affected versions of this package are vulnerable to Prototype Pollution. A type confusion vulnerability can lead to a bypass of a previous Prototype Pollution fix when the pointer components are arrays. PoC const jsonpointer = require('jsonpointer')...
Assumed memory layout of std::net::SocketAddr
The socket2 crate has assumed std::net::SocketAddrV4 and std::net::SocketAddrV6 have the same memory layout as the system C representation sockaddr. It has simply cast the pointers to convert the socket addresses to the system representation. The standard library does not say anything about the...
GHSA-3VJM-36RR-7QRQ NULL Pointer Dereference in cbox
An issue was discovered in the cbox crate through 2020-03-19 for Rust. The CBox API allows dereferencing raw pointers without a requirement for unsafe code...
Out of bounds access in rgb
Affected versions of rgb crate allow viewing and modifying data of any type T wrapped in RGB as bytes, and do not correctly constrain RGB and other wrapper structures to the types for which it is safe to do so. Safety violation possible for a type wrapped in RGB and similar wrapper structures: If...
GHSA-G4RW-8M5Q-6453 Out of bounds access in rgb
Affected versions of rgb crate allow viewing and modifying data of any type T wrapped in RGB as bytes, and do not correctly constrain RGB and other wrapper structures to the types for which it is safe to do so. Safety violation possible for a type wrapped in RGB and similar wrapper structures: If...
Use after free in string-interner
Affected versions of this crate did not clone contained strings when an interner is cloned. Interners have raw pointers to the contained strings, and they keep pointing to the strings which the old interner owns, after the interner is cloned. If a new cloned interner is alive and the old original...
GHSA-C3M3-C39Q-PV23 Out of bounds write in slice-deque
Affected versions of this crate entered a corrupted state if mem::size_of::<T>() % allocation_granularity() != 0 and a specific allocation pattern was used: sufficiently shifting the deque elements over the mirrored page boundary. This allows an attacker that controls both element insertion and...
The vulnerability of the `sysdeps/unix/sysv/linux/mq_notify.c` component in the glibc library allows an attacker to cause a service failure.
The vulnerability of the sysdeps/unix/sysv/linux/mq_notify.c component of the glibc library is related to the handling of zero pointers. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...
CVE-2020-25767
An issue was discovered in HCC Embedded NicheStack IPv4 4.1. The dnc_copy_in routine for parsing DNS domain names does not check whether a domain name compression pointer is pointing within the bounds of the packet (e.g., forward compression pointer jumps are allowed), which leads to an Out-of-bounds...
Google TensorFlow code issue vulnerability (CNVD-2021-64540)
Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A security vulnerability exists in Google TensorFlow, which could be exploited to cause undefined behavior by binding references to null pointers in all binary "cwise" operations that do not require...
Google TensorFlow Code Issue Vulnerability
Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A security vulnerability exists in Google TensorFlow, which could be exploited to cause undefined behavior by binding references to null pointers in all binary "cwise" operations that do not require...
Siemens Solid Edge Buffer Overflow Vulnerability (CNVD-2021-61127)
Siemens Solid Edge is a 3D CAD software from Siemens, Germany. The software can be used in industries such as part design, assembly design, sheet metal design, welding design, etc. A buffer overflow vulnerability exists in Siemens Solid Edge, which stems from the lack of proper validation of the...
Resource Management Error Vulnerability in Multiple Qualcomm Products
A Qualcomm chip is a chip from Qualcomm Incorporated, USA: a way to miniaturize circuits (mainly semiconductor devices, but also passive components, etc.), often manufactured on the surface of semiconductor wafers. A resource management error vulnerability exists in Qualcomm chips that stems...
Nvidia vGPU Software Security Vulnerability
Nvidia vGPU Software is a management software from Nvidia, USA for providing GPU capabilities to virtual machines. The software supports multiple virtual machines to access the host's GPU, providing graphics performance and application compatibility for virtual machines. A security vulnerability...
Denial of Service Vulnerability in Proficy Machine Edition fxVersaPro
General Electric (GE) is a multinational corporation that provides technology and service businesses. A denial of service vulnerability exists in Proficy Machine Edition fxVersaPro, which can be exploited by an attacker to cause a null pointer dereference to occur when indexing function...
PT-2021-6954 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Microsoft Windows (affected versions not specified). Description: The issue is related to insufficient access restrictions in the Win32k component of Microsoft Windows, allowing an attacker to potentially elevate their privileges. This could...
Contiki-NG out-of-bounds write vulnerability (CNVD-2021-44269)
Contiki-NG is an open source cross-platform operating system for next-generation IoT devices. An out-of-bounds write vulnerability exists in the rpl_ext_header_srh_update function in rpl-ext-header.c in the RPL-Classic and RPL-Lite implementations of Contiki-NG prior to version 4.6. The vulnerability...
klibc input validation error vulnerability (CNVD-2021-54001)
klibc is an application program. Provides the ability to work with as many early starts from kernel space as possible. klibc versions prior to 2.0.9 are vulnerable to an input validation error that stems from an integer overflow in the cpio command that could lead to dereferencing NULL pointers o...
Denial Of Service (DoS)
tensorflow is vulnerable to denial of service. The vulnerability exists due to undefined behavior in tf.raw_ops.MaxPool3DGradGrad caused by dereferencing null pointers backing attacker-supplied empty tensors...