1351 matches found
Integer overflow
u'Lack of check of integer overflow while doing a round up operation for data read from shared memory for G-link SMEM transport can lead to corruption and potential information leak' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity,...
CVE-2020-3622
CVE-2020-3622 refers to a vulnerability where a channel name string read from shared memory can be manipulated but not NULL-terminated, leading to potential memory corruption in Qualcomm Snapdragon components. Affected families include Snapdragon Auto/Compute/Connectivity, various Snapdragon SoCs...
CVE-2020-3622
u'Channel name string which has been read from shared memory is potentially subjected to string manipulations but not validated for NULL termination can results into memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity,...
CVE-2020-3621
u'Lack of check to ensure that the TX read index & RX write index that are read from shared memory are less than the FIFO size results into memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics...
CVE-2019-13995
u'Lack of integer overflow check for addition of fragment size and remaining size that are read from shared memory can lead to memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity,...
Experts Reported Security Bug in IBM's Db2 Data Management Software
Cybersecurity researchers today disclosed details of a memory vulnerability in IBM's Db2 family of data management products that could potentially allow a local attacker to access sensitive data and even cause a denial of service attacks. The flaw CVE-2020-4414, which impacts IBM Db2 V9.7, V10.1,...
Experts Reported Security Bug in IBM's Db2 Data Management Software
Cybersecurity researchers today disclosed details of a memory vulnerability in IBM's Db2 family of data management products that could potentially allow a local attacker to access sensitive data and even cause a denial of service attacks. The flaw CVE-2020-4414, which impacts IBM Db2 V9.7, V10.1,...
IBM DB2 9.7 < FP11 40162 / 10.1 < FP6 40161 / 10.5 < FP11 40160 / 11.1 < FP5 40159 / 11.5 < Mod 4 FP0 Multiple Vulnerabilities (UNIX)
According to its version, the installation of IBM DB2 running on the remote host is either 9.7 prior to Fix Pack 11 Special Build 40162, 10.1 prior to Fix Pack 6 Special Build 40161, 10.5 prior to Fix Pack 11 Special Build 40160, or 11.1 prior to Fix Pack 5 Special Build 40159, 11.5 prior to Mod ...
CVE-2020-15581
An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 software. The kernel logging feature allows attackers to discover virtual addresses via vectors involving shared memory. The Samsung ID is SVE-2020-17605 July 2020...
CVE-2020-15581
An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 software. The kernel logging feature allows attackers to discover virtual addresses via vectors involving shared memory. The Samsung ID is SVE-2020-17605 July 2020...
Design/Logic Flaw
An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 software. The kernel logging feature allows attackers to discover virtual addresses via vectors involving shared memory. The Samsung ID is SVE-2020-17605 July 2020...
CVE-2020-15581
An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 software. The kernel logging feature allows attackers to discover virtual addresses via vectors involving shared memory. The Samsung ID is SVE-2020-17605 July 2020...
CVE-2020-15581
CVE-2020-15581 affects Samsung mobile devices running O(8.x), P(9.0), and Q(10.0). The issue is in the kernel logging feature, which can allow attackers to discover virtual addresses via vectors involving shared memory. The reported impact is partial disclosure of data (confidentiality impact) wi...
CVE-2020-4414
IBM DB2 for Linux, UNIX and Windows includes DB2 Connect Server 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local attacker to perform unauthorized actions on the system, caused by improper usage of shared memory. By sending a specially-crafted request, an attacker could exploit this vulnerabili...
CVE-2020-4414
IBM DB2 for Linux, UNIX and Windows includes DB2 Connect Server 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local attacker to perform unauthorized actions on the system, caused by improper usage of shared memory. By sending a specially-crafted request, an attacker could exploit this vulnerabili...
Code injection
IBM DB2 for Linux, UNIX and Windows includes DB2 Connect Server 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local attacker to perform unauthorized actions on the system, caused by improper usage of shared memory. By sending a specially-crafted request, an attacker could exploit this vulnerabili...
CVE-2020-4414
IBM DB2 for Linux, UNIX and Windows includes DB2 Connect Server 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local attacker to perform unauthorized actions on the system, caused by improper usage of shared memory. By sending a specially-crafted request, an attacker could exploit this vulnerabili...
Cisco Webex Meetings Desktop App for Windows Shared Memory Information Disclosure (cisco-sa-webex-client-NBmqM9vt)
According to its self-reported version, Cisco Webex Meetings Desktop App for Windows is affected by an information disclosure vulnerability due to unsafe usage of shared memory. An authenticated, local attacker can exploit this, by running an application on the local system tha tis designed to re...
CVE-2020-3347
A vulnerability in Cisco Webex Meetings Desktop App for Windows could allow an authenticated, local attacker to gain access to sensitive information on an affected system. The vulnerability is due to unsafe usage of shared memory that is used by the affected software. An attacker with permissions...
CVE-2020-3347
A vulnerability in Cisco Webex Meetings Desktop App for Windows could allow an authenticated, local attacker to gain access to sensitive information on an affected system. The vulnerability is due to unsafe usage of shared memory that is used by the affected software. An attacker with permissions...