CVE-2018-12203

Denial of service vulnerability in Platform Sample/ Silicon Reference firmware for 8th Generation Intel Core Processor, 7th Generation Intel Core Processor may allow privileged user to potentially execute arbitrary code via local access...

CVE-2018-12202

Privilege escalation vulnerability in Platform Sample/ Silicon Reference firmware for 8th Generation IntelR Core Processor, 7th Generation IntelR Core Processor may allow privileged user to potentially leverage existing features via local access...

CVE-2018-12202

Privilege escalation vulnerability in Platform Sample/ Silicon Reference firmware for 8th Generation IntelR Core Processor, 7th Generation IntelR Core Processor may allow privileged user to potentially leverage existing features via local access...

CVE-2018-12202

CVE-2018-12202 is a privilege-escalation flaw in Platform Sample/Silicon Reference firmware affecting Intel 8th/7th Gen Core processors. A privileged local user could leverage existing features to escalate privileges; Intel’s advisory and Lenovo threat coverage indicate mitigation via firmware up...

CVE-2018-12202

Privilege escalation vulnerability in Platform Sample/ Silicon Reference firmware for 8th Generation IntelR Core Processor, 7th Generation IntelR Core Processor may allow privileged user to potentially leverage existing features via local access...

CVE-2018-12201

CVE-2018-12201 is a buffer overflow vulnerability in Platform Sample/Silicon Reference firmware affecting multiple Intel processors (8th/7th Gen Core, Pentium Silver J5005/N5000, Celeron J4105/J4005/N4100/N4000) that could allow a privileged user to execute arbitrary code via local access. Relate...

CVE-2018-12203

CVE-2018-12203 is a Denial of Service vulnerability in Intel Platform Sample/Silicon Reference firmware for 8th/7th Gen Intel Core processors. The available connected sources indicate it could allow a privileged user to potentially execute arbitrary code via local access. Intel’s advisory INTEL-S...

perfetto/trace_processor_fuzzer: Crash in perfetto::trace_processor::ProtoTraceParser::ParseTypedFtraceToRaw

Project: https://android.googlesource.com/platform/external/perfetto/ Detailed report: https://oss-fuzz.com/testcase?key=5740416861732864 Project: perfetto Fuzzer: libFuzzerperfettotraceprocessorfuzzer Fuzz target binary: traceprocessorfuzzer Job Type: libfuzzerasanperfetto Platform Id: linux Cra...

Intel CPU Spoiler vulnerability alerts-a vulnerability alert-the black bar safety net

Spoiler is the researchers found that the impact of the Intel microprocessor architecture of a speculative attack a speculative attack is a new microprocessor disclosure vulnerability that leaks is about the physical page to the user space process mapping of key information. Spoiler with 2018 1 o...

(Pwn2Own) Samsung Galaxy S8 Shannon Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S8. User interaction is required to exploit this vulnerability in that the target must answer a phone call. The specific flaw exists within the handling of Status Information Element...

perfetto/trace_processor_fuzzer: Global-buffer-overflow in perfetto::trace_processor::ParseSystraceTracePoint

Project: https://android.googlesource.com/platform/external/perfetto/ Detailed report: https://oss-fuzz.com/testcase?key=5678248283865088 Project: perfetto Fuzzer: libFuzzerperfettotraceprocessorfuzzer Fuzz target binary: traceprocessorfuzzer Job Type: libfuzzerasanperfetto Platform Id: linux Cra...

NVIDIA Windows GPU Display Driver Denial of Service Vulnerability (CNVD-2019-28600)

NVIDIA Windows GPU Display Driver is a graphics processor GPU graphics card driver dedicated to the Windows platform. The NVIDIA Windows GPU Display Driver denial of service vulnerability can be exploited by attackers to cause a denial of service or elevation of privilege...

Debian: Security Advisory (DLA-1694-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2019-9142

An issue was discovered in b3log Symphony aka Sym before v3.4.7. XSS exists via the userIntro and userNickname fields to processor/SettingsProcessor.java...

Reko - A General Purpose Binary Decompiler

Reko Swedish: "decent, obliging" is a C project containing a decompiler for machine code binaries. This project is freely available under the GNU General Public License. The project consists of front ends, core decompiler engine, and back ends to help it achieve its goals. A command-line, a Windo...

DEBIAN-CVE-2018-5819

An error within the "parsesinaria" function internal/dcrawcommon.cpp within LibRaw versions prior to 0.19.1 can be exploited to exhaust available CPU resources...

DEBIAN-CVE-2018-20030

An error when processing the EXIFIFDINTEROPERABILITY and EXIFIFDEXIF tags within libexif version 0.6.21 can be exploited to exhaust available CPU resources...

[SECURITY] Fedora 29 Update: jackson-databind-2.9.8-1.fc29

The general-purpose data-binding functionality and tree-model for Jackson D ata Processor. It builds on core streaming parser/generator package, and uses Jackson Annotations for configuration...

CVE-2018-15617 Communication Manager Denial of Service

A vulnerability in the "capro" Call Processor process component of Avaya Aura Communication Manager could allow a remote, unauthenticated user to cause denial of service. Affected versions include 6.3.x, all 7.x versions prior to 7.1.3.2, and all 8.x versions prior to 8.0.1...

Debian DLA-1646-1 : qemu security update

Several vulnerabilities were found in QEMU, a fast processor emulator : CVE-2018-17958 The rtl8139 emulator is affected by an integer overflow and subsequent buffer overflow. This vulnerability might be triggered by remote attackers with crafted packets to perform denial of service via OOB stack...