2 matches found
CVE-2018-9522
In the serialization functions of StatsLogEventWrapper.java, there is a possible out-of-bounds write due to unnecessary functionality which may be abused. This could lead to local escalation of privilege in the system process with no additional execution privileges needed. User interaction is not...
CVE-2018-1000224
The CVE-2018-1000224 issue affects Godot Engine: vulnerable in (De)Serialization paths in core/io/marshalls.cpp across all versions earlier than 2.1.5 and 3.0 before 3.0.6. It exposes a Signed/unsigned comparison, wrong buffer size checks, integer overflow, and missing padding initialization, ena...