37 matches found
CVE-2018-18559
In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanoutadd from setsockopt and bind on an AFPACKET socket. This issue exists because of the 15fe076edea787807a7cdc168df832544b58eba6 incomplete fix for a race condition. The code mishandles a certain...
CVE-2018-18559
In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanoutadd from setsockopt and bind on an AFPACKET socket. This issue exists because of the 15fe076edea787807a7cdc168df832544b58eba6 incomplete fix for a race condition. The code mishandles a certain...
DEBIAN-CVE-2018-18559
In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanoutadd from setsockopt and bind on an AFPACKET socket. This issue exists because of the 15fe076edea787807a7cdc168df832544b58eba6 incomplete fix for a race condition. The code mishandles a certain...
Race condition
In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanoutadd from setsockopt and bind on an AFPACKET socket. This issue exists because of the 15fe076edea787807a7cdc168df832544b58eba6 incomplete fix for a race condition. The code mishandles a certain...
UBUNTU-CVE-2018-18559
In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanoutadd from setsockopt and bind on an AFPACKET socket. This issue exists because of the 15fe076edea787807a7cdc168df832544b58eba6 incomplete fix for a race condition. The code mishandles a certain...
CVE-2018-18559
In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanoutadd from setsockopt and bind on an AFPACKET socket. This issue exists because of the 15fe076edea787807a7cdc168df832544b58eba6 incomplete fix for a race condition. The code mishandles a certain...
CVE-2018-18559
In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanoutadd from setsockopt and bind on an AFPACKET socket. This issue exists because of the 15fe076edea787807a7cdc168df832544b58eba6 incomplete fix for a race condition. The code mishandles a certain...
CVE-2018-18559
In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanoutadd from setsockopt and bind on an AFPACKET socket. This issue exists because of the 15fe076edea787807a7cdc168df832544b58eba6 incomplete fix for a race condition. The code mishandles a certain...
CVE-2018-3903
On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17, the video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability. The memcpy call...
CVE-2017-9025
Heap buffer overflow in vshttpd aka ioos in HooToo Trip Mate 6 TM6 firmware 2.000.030 and earlier allows remote unauthenticated attackers to control the program counter via a specially crafted HTTP Cookie header...
Stack overflow
Stack buffer overflow in vshttpd aka ioos in HooToo Trip Mate 6 TM6 firmware 2.000.030 and earlier allows remote unauthenticated attackers to control the program counter via a specially crafted fname parameter of a GET request...
CVE-2017-9025
Heap buffer overflow in vshttpd aka ioos in HooToo Trip Mate 6 TM6 firmware 2.000.030 and earlier allows remote unauthenticated attackers to control the program counter via a specially crafted HTTP Cookie header...
Multiple vulnerabilities on sketchup
SketchUp is a 3D modeling program marketed by Trimble Navigation Limitedpreviously Google and designed for architectural, civil, and mechanical engineers as well as filmmakers, game developers, and related professions. SketchUp fails to validate the input when parsing different types of embedded...
MS10-090 Microsoft Internet Explorer CSS SetUserClip Memory Corruption
This module exploits a memory corruption vulnerability within Microsoft's HTML engine mshtml. When parsing an HTML page containing a specially crafted CSS tag, memory corruption occurs that can lead arbitrary code execution. It seems like Microsoft code inadvertently increments a vtable pointer t...
Internet Explorer CSS Tags Memory Corruption
$Id: ms10xxxiecssclip.rb 10912 2010-11-05 00:08:55Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Symbian S60多媒体处理内存破坏漏洞
BUGTRAQ ID: 35590 Symbian S60是诺基亚智能手机所使用的操作系统。 S60操作系统的RealPlayer和彩信查看器所使用的多媒体处理代码中存在多个内存破坏漏洞,远程攻击者可以通过发送嵌入了视频文件的彩信来触发这些漏洞,导致控制程序计数器寄存器,在目标手机上执行任意代码。 以下函数库中存在这个漏洞: rarender.dll STH264HWDecHwDevice.dll clntcore.dll HxMmfCtrl.dll mdfh264payloadformat.dll MMFDevSound.dll ArmRV89Codec.dll Nokia Symbi...
FreeBSD-SA-99:02.profil
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-99:02 Security Advisory FreeBSD, Inc. Topic: Profiling Across Exec Calls Category: core Module: kernel Announced: 1999-09-04 Affects: FreeBSD 3.2 and earlier FreeBSD-current...