Omron CX-One Memory Misreference Vulnerability

Omron CX-One is an integrated toolkit from Omron, which includes software for networking, PT, inverters, temperature controllers, and PLC programming, etc. CX-Programmer is a PLC programming software, and CX-Server is a driver management tool. A memory misreference vulnerability exists in Omron...

CVE-2018-18993

Two stack-based buffer overflow vulnerabilities have been discovered in CX-One Versions 4.42 and prior CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior. When processing project files, the application allows input data to exceed the buffer. An attacker could use a...

CVE-2018-18993

Two stack-based buffer overflow vulnerabilities have been discovered in CX-One Versions 4.42 and prior CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior. When processing project files, the application allows input data to exceed the buffer. An attacker could use a...

Code injection

In CX-One Versions 4.42 and prior CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior, when processing project files, the application fails to check if it is referencing freed memory. An attacker could use a specially crafted project file to exploit and execute code unde...

CVE-2018-18993

CVE-2018-18993 relates to two stack-based buffer overflow vulnerabilities in Omron CX-One (CX-Position module) affecting CX-One v4.42 and earlier, including CX-Programmer v9.66 and earlier and CX-Server v5.0.23 and earlier. The flaws occur when processing project files, allowing input data to exc...

CVE-2018-18993

Two stack-based buffer overflow vulnerabilities have been discovered in CX-One Versions 4.42 and prior CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior. When processing project files, the application allows input data to exceed the buffer. An attacker could use a...

Design/Logic Flaw

In the device programmer target-side code for firehose, a string may not be properly NULL terminated can lead to a incorrect buffer size in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD...

CVE-2018-11996

CVE-2018-11996 describes an out-of-bounds access in the Qualcomm device programmer when a malformed command is sent, affecting Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear platforms (versions including MDM9206, MDM9607, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, ...

CVE-2018-5877

In the device programmer target-side code for firehose, a string may not be properly NULL terminated can lead to a incorrect buffer size in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD...

Accused CIA Leaker Faces New Charges of Leaking Information From Prison

Joshua Adam Schulte , a 30-year-old former CIA computer programmer who was indicted over four months ago for masterminding the largest leak of classified information in the agency's history, has now been issued three new charges. The news comes just hours after Schulte wrote a letter to the feder...

BIOS Modules Unprotected by Intel Boot Guard Vulnerable to Physical Attack - Lenovo Support US

No description provided...

Identifying Programmers by their Coding Style

Fascinating research de-anonymizing code -- from either source code or compiled code: Rachel Greenstadt, an associate professor of computer science at Drexel University, and Aylin Caliskan, Greenstadt's former PhD student and now an assistant professor at George Washington University, have found...

Intel Quartus II Programmer and Tools Elevation of Privilege Vulnerability

Intel Quartus II Programmer and Tools is a set of tools for hardware programming from Intel USA. A security vulnerability exists in Intel Quartus II Programmer and Tools versions 11.0 through 15.0. A local attacker can exploit the vulnerability to execute arbitrary code...

Intel Quartus Prime Programmer and Tools Elevation of Privilege Vulnerability

Intel Quartus Prime Programmer and Tools is a hardware programming tool from Intel USA. A security vulnerability exists in Intel Quartus Prime Programmer and Tools versions 15.1 through 18.0. A local attacker can exploit the vulnerability to execute arbitrary code...

Design/Logic Flaw

Medtronic N'Vision Clinician Programmer 8840 N'Vision Clinician Programmer, all versions, and 8870 N'Vision removable Application Card, all versions. The 8840 Clinician Programmer executes the application program from the 8870 Application Card. An attacker with physical access to an 8870...

CVE-2018-10631

The 8840 Clinician Programmer executes the application program from the 8870 Application Card. An attacker with physical access to an 8870 Application Card and sufficient technical capability can modify the contents of this card, including the binary executables. If modified to bypass protection...

CVE-2018-10631 Medtronic N'Vision Clinician Programmer Protection Mechanism Failure

The 8840 Clinician Programmer executes the application program from the 8870 Application Card. An attacker with physical access to an 8870 Application Card and sufficient technical capability can modify the contents of this card, including the binary executables. If modified to bypass protection...

CVE-2018-10631 Medtronic N'Vision Clinician Programmer Protection Mechanism Failure

The 8840 Clinician Programmer executes the application program from the 8870 Application Card. An attacker with physical access to an 8870 Application Card and sufficient technical capability can modify the contents of this card, including the binary executables. If modified to bypass protection...

CVE-2018-10631

Summary (CVE-2018-10631) : The vulnerability affects Medtronic N’Vision Clinician Programmer 8840 and the 8870 removable Application Card. An attacker with physical access to the 8870 card and sufficient technical capability can modify the card’s contents, including binaries. If modified to bypas...

CVE-2018-3687

Unquoted service paths in Intel Quartus II Programmer and Tools in versions 11.0 - 15.0 allow a local attacker to potentially execute arbitrary code...