CVE-2021-29098

Multiple uninitialized pointer vulnerabilities when parsing a specially crafted file in Esri ArcReader, ArcGIS Desktop, ArcGIS Engine 10.8.1 and earlier and ArcGIS Pro 2.7 and earlier allow an unauthenticated attacker to achieve arbitrary code execution in the context of the current user...

PT-2021-18083 · Esri · Esri Arcgis Server

Name of the Vulnerable Software and Affected Versions: Esri ArcGIS Server versions 10.8.1 and earlier Description: The issue arises from multiple uninitialized pointer vulnerabilities when parsing a specially crafted file. This allows an authenticated attacker with specialized permissions to...

CVE-2021-23975

The developer page about:memory has a Measure function for exploring what object types the browser has allocated and their sizes. When this function was invoked we incorrectly called the sizeof function, instead of using the API method that checks for invalid pointers. This vulnerability affects...

CVE-2021-23975

The developer page about:memory has a Measure function for exploring what object types the browser has allocated and their sizes. When this function was invoked we incorrectly called the sizeof function, instead of using the API method that checks for invalid pointers. This vulnerability affects...

CVE-2021-23975

The developer page about:memory has a Measure function for exploring what object types the browser has allocated and their sizes. When this function was invoked we incorrectly called the sizeof function, instead of using the API method that checks for invalid pointers. This vulnerability affects...

CVE-2020-27259

The Omron CX-One Version 4.60 and prior may allow an attacker to supply a pointer to arbitrary memory locations, which may allow an attacker to remotely execute arbitrary code...

CVE-2020-11138

Uninitialized pointers accessed during music play back with incorrect bit stream due to an uninitialized heap memory result in instability in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile,...

Design/Logic Flaw

Uninitialized pointers accessed during music play back with incorrect bit stream due to an uninitialized heap memory result in instability in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile,...

CVE-2020-11138

Uninitialized pointers accessed during music play back with incorrect bit stream due to an uninitialized heap memory result in instability in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile,...

CVE-2020-11138

CVE-2020-11138 concerns Qualcomm Snapdragon components (notably in Snapdragon Auto/Compute/Connectivity/IoT/Wearables and related Snapdragon media paths) where uninitialized heap memory leads to uninitialized pointers during music playback with an incorrect bitstream, causing instability. The vul...

Nvidia GPU Display Driver Input Validation Error Vulnerability

NVIDIA GPU Display Driver is a driver software from NVIDIA Corporation for interactive support of graphics card display modules in operating systems. An input validation error vulnerability exists in Nvidia GPU Display Driver, which arises from improper validation of user pointers...

Qualcomm Qualcomm WIN TZ FW Buffer Error Vulnerability

Qualcomm WIN TZ FW is a Qualcomm Incorporated USA support firmware for use on processors. A security vulnerability exists in Qualcomm WIN TZ FW, which results in memory corruption due to a lack of checking the validation of buffer pointers passed to trustzone. The following products and versions...

Qualcomm WIN TZ FW Buffer Error Vulnerability

Qualcomm WIN TZ FW is a Qualcomm Incorporated USA support firmware for use on processors. The Qualcomm WIN TZ FW suffers from a buffer error vulnerability that stems from a lack of validation of pointer parameters passed to the Trustzone BSP, resulting in memory corruption. The following products...

Qualcomm WIN TZ FW Buffer Error Vulnerability

Qualcomm WIN TZ FW is a Qualcomm Incorporated USA support firmware for use on processors. The Qualcomm WIN TZ FW suffers from a buffer error vulnerability that stems from an information disclosure issue caused by not validating pointer parameters passed to the TZ BSP. The following products and...

CVE-2020-35881

An issue was discovered in the traitobject crate through 2020-06-01 for Rust. It has false expectations about fat pointers, possibly causing memory corruption in, for example, Rust 2.x...

CVE-2020-35860

An issue was discovered in the cbox crate through 2020-03-19 for Rust. The CBox API allows dereferencing raw pointers without a requirement for unsafe code...

CVE-2020-35860

An issue was discovered in the cbox crate through 2020-03-19 for Rust. The CBox API allows dereferencing raw pointers without a requirement for unsafe code...

Rust 代码问题漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A code issue vulnerability exists in cbox crate in versions of Mozilla Rust prior to 2020-03-19, which stems from the CBox API allowing dereferencing of raw pointers. No details of the vulnerability are provided...

Rust 资源管理错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in http crate in versions of Mozilla Rust prior to 0.1.20, which stems from HeaderMap:: The Drain API can use raw pointers to corrupt sound effects. No details of the vulnerabilit...

DEBIAN-CVE-2020-29570

An issue was discovered in Xen through 4.14.x. Recording of the per-vCPU control block mapping maintained by Xen and that of pointers into the control block is reversed. The consumer assumes, seeing the former initialized, that the latter are also ready for use. Malicious or buggy guest kernels c...