RUSTSEC-2020-0027 traitobject assumes the layout of fat pointers

This crate gets the data pointer from fat pointers assuming that the first element in a fat pointer is the data pointer. This is currently true, but it may change in a future Rust version, leading to memory corruption. This has been fixed in the master branch of the crate, but is has not been...

traitobject assumes the layout of fat pointers

This crate gets the data pointer from fat pointers assuming that the first element in a fat pointer is the data pointer. This is currently true, but it may change in a future Rust version, leading to memory corruption. This has been fixed in the master branch of the crate, but is has not been...

Denial Of Service (DoS)

The Simple Protocol for Independent Computing Environments SPICE is vulnerable to Denial Of Service DoS. It was found that the libspice component of QEMU-KVM on the host did not validate all pointers provided from a guest system's QXL graphics card driver. A privileged guest user could use this...

Unspecified vulnerability in USB gadget driver for Samsung mobile devices

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. A security vulnerability in the USB gadget driver for Samsung mobile devices caused an attacker to leak kernel pointers...

CVE-2017-17855

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service memory corruption or possibly have unspecified other impact by leveraging improper use of pointers in place of scalars...

Videolabs libmicrodns Denial of Service Vulnerability

Videolabs libmicrodns is a cross-platform mDNS multicast DNS resolver from Videolabs Labs in France. A security vulnerability exists in the resource record parsing feature of Videolabs libmicrodns version 0.1.0, which is caused by the program using compressed pointers without recursive checking...

CBox API allows to de-reference raw pointers without `unsafe` code

CBox and CSemiBox are part of the public API of the cbox crate and they allow to create smart pointers from raw pointers and de-reference them without the need of unsafe code...

RUSTSEC-2020-0005 CBox API allows to de-reference raw pointers without `unsafe` code

CBox and CSemiBox are part of the public API of the cbox crate and they allow to create smart pointers from raw pointers and de-reference them without the need of unsafe code...

CVE-2019-14044

Out of bound access due to access of uninitialized memory segment in an array of pointers while normal camera open close in Snapdragon Consumer IOT, Snapdragon Mobile in QCS605, SDM439, SDM630, SDM636, SDM660, SDX24...

CVE-2020-8508

nsak64.sys in Norman Malware Cleaner 2.08.08 allows users to call arbitrary kernel functions because the passing of function pointers between user and kernel mode is mishandled...

CVE-2020-8508

nsak64.sys in Norman Malware Cleaner 2.08.08 allows users to call arbitrary kernel functions because the passing of function pointers between user and kernel mode is mishandled...

Code injection

nsak64.sys in Norman Malware Cleaner 2.08.08 allows users to call arbitrary kernel functions because the passing of function pointers between user and kernel mode is mishandled...

CVE-2019-20172

Kernel/VM/MemoryManager.cpp in SerenityOS before 2019-12-30 does not reject syscalls with pointers into the kernel-only virtual address space, which allows local users to gain privileges by overwriting a return address that was found on the kernel stack...

Rockwell Automation Arena Simulation Software Cat. 9502-Ax Buffer Overflow Vulnerability

Rockwell Automation Arena Simulation Software is a suite of simulation software from Rockwell Automation that provides 3D animation and graphics capabilities. A security vulnerability exists in Rockwell Automation Arena Simulation Software Cat. 9502-Ax 16.00.00 and earlier versions. An attacker c...

NVIDIA Windows GPU Display Driver Denial of Service Vulnerability (CNVD-2019-40475)

NVIDIA Windows GPU Display Driver is a graphics processor GPU graphics card driver from NVIDIA dedicated to the Windows platform. A denial of service vulnerability exists in the kernel mode layer nvlddmkm.sys of the NVIDIA Windows GPU Display Driver. The vulnerability stems from a program that...

CVE-2018-4002

An exploitable denial-of-service vulnerability exists in the mdnscap binary of the CUJO Smart Firewall running firmware 7003. When parsing labels in mDNS packets, the firewall unsafely handles label compression pointers, leading to an uncontrolled recursion that eventually exhausts the stack,...

CVE-2018-4002

An exploitable denial-of-service vulnerability exists in the mdnscap binary of the CUJO Smart Firewall running firmware 7003. When parsing labels in mDNS packets, the firewall unsafely handles label compression pointers, leading to an uncontrolled recursion that eventually exhausts the stack,...

Denial of service

An exploitable denial-of-service vulnerability exists in the mdnscap binary of the CUJO Smart Firewall running firmware 7003. When parsing labels in mDNS packets, the firewall unsafely handles label compression pointers, leading to an uncontrolled recursion that eventually exhausts the stack,...

CVE-2018-4002

The CVE-2018-4002 issue affects CUJO Smart Firewall (firmware 7003) mdnscap, where mdnscap’s mDNS label parsing mishandles compression pointers, creating an uncontrolled recursion that exhausts the call stack and crashes the mdnscap process. An unauthenticated remote attacker can send specially c...

CVE-2018-4002

An exploitable denial-of-service vulnerability exists in the mdnscap binary of the CUJO Smart Firewall running firmware 7003. When parsing labels in mDNS packets, the firewall unsafely handles label compression pointers, leading to an uncontrolled recursion that eventually exhausts the stack,...