DEBIAN-CVE-2016-10253
An issue was discovered in Erlang/OTP 18.x. Erlang's generation of compiled regular expressions is vulnerable to a heap overflow. Regular expressions using a malformed extpattern can indirectly specify an offset that is used as an array index. This ordinal permits arbitrary regions within the...
Improper access control
Access control vulnerability in Intel Security Data Loss Prevention Endpoint (DLPe) 9.4.200 and 9.3.600 allows authenticated users with Read-Write-Execute permissions to inject hook DLLs into other processes via pages in the target process memory get...
Security Advisory - Arbitrary Memory Read Write Vulnerability in Huawei Smart Phones
There is an arbitrary memory read/write vulnerability in the hardware security module of some Huawei smart phones due to the input parameters validation. An attacker with the root privilege of the Android system could exploit this vulnerability to read and write memory data anywhere or execute...
HEVD kernel vulnerability training-with Windows play-bug warning-the black bar safety net
This training studies the principles of kernel vulnerabilities and how they are used, and gives a preliminary understanding of many common data structures under Windows, opening the gate to Ring0. HEVD project address: https://github.com/hacksysteam/HackSysExtremeVulnerableDriver For the kernel...
DEBIAN-CVE-2017-6305
An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "8 of 9. Out of Bounds read and write."...
UBUNTU-CVE-2017-6305
An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "8 of 9. Out of Bounds read and write."...
PT-2017-2443 · Aerospike · Aerospike Database Server
Name of the Vulnerable Software and Affected Versions: Aerospike Database Server version 3.10.0.3 Description: The issue is related to an out-of-bounds indexing vulnerability in the RW fabric message particle type. This can be triggered by a specially crafted packet, causing the server to fetch a...
NVIDIA Driver 375.70 - DxgkDdiEscape 0x100008b Out-of-Bounds Read/Write
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=985 The DxgkDdiEscape handler for 0x100008b accepts a user supplied size as the limit for a loop, leading to OOB reads and writes. The supplied PoC passes an invalid size of 0x41414141, which causes a crash in: int64 sub30A500int64...
shopify-scripts: Integer overflow in str_substr leading to read/write out of bound memory
Failed check len & beg in str_substr when call mrb_str_aref_m by String. This can lead to read/write into invalid memory which may be memory corruption or RCE. This snippet causes a crash in mruby (I can't check mruby-engine by error undefined symbol rb_utf8_str_new): $b="B"2048 $expand=$b0x40,0x7fffffff...
CVE-2017-3363
Vulnerability in the Oracle Knowledge Management component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2 and 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracl...
Microsoft Remote Desktop Client For Mac 8.0.36 Remote Code Execution
Advisory ID: SGMA16-004 Title: Microsoft Remote Desktop Client for Mac Remote Code Execution Product: Microsoft Remote Desktop Client for Mac Version: 8.0.36 and probably prior Vendor: www.microsoft.com Type: Arbitrary file read/write leads to RCE Risk level: 4 / 5 Credit:...
Design/Logic Flaw
V8 in Google Chrome prior to 54.0.2840.90 for Linux, and 54.0.2840.85 for Android, and 54.0.2840.87 for Windows and Mac included incorrect optimisation assumptions, which allowed a remote attacker to perform arbitrary read/write operations, leading to code execution, via a crafted HTML page...
KLA10951 ACE vulnerability in Google Chrome
Incorrect optimisation assumptions in V8 engine were found in Google Chrome. By exploiting this vulnerability malicious users can perform arbitrary read/write operations and execute arbitrary code. This vulnerability can be exploited remotely via a specially designed HTML page. Original advisorie...
CVE-2016-5198
V8 in Google Chrome prior to 54.0.2840.90 for Linux, and 54.0.2840.85 for Android, and 54.0.2840.87 for Windows and Mac included incorrect optimisation assumptions, which allowed a remote attacker to perform arbitrary read/write operations, leading to code execution, via a crafted HTML page. Rece...
CVE-2015-8743
QEMU (aka Quick Emulator) built with the NE2000 device emulation support is vulnerable to an OOB r/w access issue. It could occur while performing 'ioport' r/w operations. A privileged (CAP_SYS_RAWIO) user/process could use this flaw to leak or corrupt QEMU memory bytes...
CVE-2015-8817
QEMU (aka Quick Emulator) built to use 'address_space_translate' to map an address to a MemoryRegionSection is vulnerable to an OOB r/w access issue. It could occur while doing pci_dma_read/write calls. Affects QEMU versions >= 1.6.0 and <= 2.3.1. A privileged user inside guest could use this flaw to cra...
Design/Logic Flaw
The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device...
DEBIAN-CVE-2016-9576
The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device...
UBUNTU-CVE-2016-9576
The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device...
CVE-2016-9576
The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device...