1658 matches found
Mozilla: Potential use-after-free in uses of nsTArray
If the Compact method was called on an nsTArray, the array could have been reallocated without updating other pointers, leading to a potential use-after-free and exploitable crash. This vulnerability affects Firefox 83, Firefox ESR 78.5, and Thunderbird 78.5...
Denial Of Service (DoS)
firefox is vulnerable to denial of service DoS. The vulnerability exists when the Compact method was called on an nsTArray, allowing the array to be reallocated without updating other pointers...
IBM Tivoli Storage Manager 5.2.0.1 Buffer Overflow
Exploit Title: IBM Tivoli Storage Manager Command Line Administrative Interface 5.2.0.1 - id' Field Stack Based Buffer Overflow Exploit Author: Paolo Stagno aka VoidSec Vendor Homepage: https://www.ibm.com/support/knowledgecenter/en/SSGSG77.1.0/com.ibm.itsm.tsm.doc/welcome.html Version: 5.2.0.1...
PT-2020-6639 · Nvidia +2 · Nvidia Gpu Display Driver +2
Name of the Vulnerable Software and Affected Versions: NVIDIA GPU Display Driver for Windows and Linux affected versions not specified Description: The issue is related to a vulnerability in the kernel mode layer handlers for control calls with embedded parameters, where dereferencing an untruste...
Trend Micro Antivirus for Mac Information Disclosure Vulnerability
Trend Micro Antivirus for Mac is a set of antivirus software based on Mac platform from Trend Micro. A security vulnerability exists in Trend Micro Antivirus for Mac 2020 Consumer that stems from an error message information disclosure vulnerability, which can be exploited by an attacker to cause...
CVE-2020-27015
Trend Micro Antivirus for Mac 2020 Consumer contains an Error Message Information Disclosure vulnerability that if exploited, could allow kernel pointers and debug messages to leak to userland. An attacker must first obtain the ability to execute high-privileged code on the target system in order...
Information disclosure
Trend Micro Antivirus for Mac 2020 Consumer contains an Error Message Information Disclosure vulnerability that if exploited, could allow kernel pointers and debug messages to leak to userland. An attacker must first obtain the ability to execute high-privileged code on the target system in order...
CVE-2020-27015
Trend Micro Antivirus for Mac 2020 Consumer contains an Error Message Information Disclosure vulnerability that if exploited, could allow kernel pointers and debug messages to leak to userland. An attacker must first obtain the ability to execute high-privileged code on the target system in order...
Unspecified Vulnerability in GNU C Library (CNVD-2021-26206)
The GNU C Library glibc, libc6 is an open-source, free C language compiler released under the LGPL license.Library is one of the libraries. A security vulnerability exists in the GNU C Library aka glibc versions prior to 2.2. The vulnerability stems from a missing statement about the unspecified...
PYSEC-2020-271
In Tensorflow before versions 2.2.1 and 2.3.1, if a user passes an invalid argument to dlpack.todlpack the expected validations will cause variables to bind to nullptr while setting a status variable to the error condition. However, this status argument is not properly checked. Hence, code...
PYSEC-2020-271
In Tensorflow before versions 2.2.1 and 2.3.1, if a user passes an invalid argument to dlpack.todlpack the expected validations will cause variables to bind to nullptr while setting a status variable to the error condition. However, this status argument is not properly checked. Hence, code...
Google Android OMX parser information disclosure vulnerability
Android is a Linux-based open source operating system from Google and the Open Handheld Alliance OHA. An information disclosure vulnerability exists in Android-11 version OMX parser. The vulnerability stems from the return of raw pointers, which can be exploited by an attacker to cause informatio...
UBUNTU-CVE-2020-25016
A safety violation was discovered in the rgb crate before 0.8.20 for Rust, leading to for example dereferencing of arbitrary pointers or disclosure of uninitialized memory. This occurs because structs can be treated as bytes for read and write operations...
Information disclosure
A safety violation was discovered in the rgb crate before 0.8.20 for Rust, leading to for example dereferencing of arbitrary pointers or disclosure of uninitialized memory. This occurs because structs can be treated as bytes for read and write operations...
CVE-2020-25016
A safety violation was discovered in the rgb crate before 0.8.20 for Rust, leading to for example dereferencing of arbitrary pointers or disclosure of uninitialized memory. This occurs because structs can be treated as bytes for read and write operations...
CVE-2020-25016
CVE-2020-25016 affects the rgb crate for Rust, up to and including versions before 0.8.20. The vulnerability arises because RGB wrappers allow treating underlying data as bytes, enabling reading/writing of memory as raw bytes. This can lead to dereferencing arbitrary pointers or disclosure of uni...
CVE-2020-25016
A safety violation was discovered in the rgb crate before 0.8.20 for Rust, leading to for example dereferencing of arbitrary pointers or disclosure of uninitialized memory. This occurs because structs can be treated as bytes for read and write operations...
CVE-2019-18619
Incorrect parameter validation in the synaTee component of Synaptics WBF drivers using an SGX enclave all versions prior to 2019-11-15 allows a local user to execute arbitrary code in the enclave that can compromise confidentiality of enclave data via APIs that accept invalid pointers...
Code injection
Incorrect parameter validation in the synaTee component of Synaptics WBF drivers using an SGX enclave all versions prior to 2019-11-15 allows a local user to execute arbitrary code in the enclave that can compromise confidentiality of enclave data via APIs that accept invalid pointers...
Denial Of Service (DoS)
libvncserver.so is vulnerable to denial of service DoS. The vulnerability exists through accessing byte-aligned data through uint16t pointers in libvncserver/translate.c, causing an application crash...