1363 matches found
Huawei EulerOS: Security Advisory for mesa (EulerOS-SA-2020-2415)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Linux: noexec option on /dev/shm
The noexec mount option specifies that the filesystem cannot contain executable binaries. Setting this option on a file system prevents users from executing programs from shared memory. This deters users from introducing potentially malicious software on the system. SPDX-FileCopyrightText: 2020...
EulerOS 2.0 SP9 : mesa (EulerOS-SA-2020-2415)
According to the version of the mesa package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can access the...
EulerOS 2.0 SP9 : mesa (EulerOS-SA-2020-2433)
According to the version of the mesa package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can access the...
Security Bulletin: Security vulnerabilities have been identified in IBM DB2 shipped with IBM License Metric Tool v9.
Summary IBM DB2 is shipped with IBM License Metric Tool. Information about a security vulnerabilities affecting IBM DB2 has been published in a security bulletin. Vulnerability Details CVEID: CVE-2020-4386 DESCRIPTION: IBM DB2 for Linux, UNIX and Windows includes DB2 Connect Server 9.7, 10.1, 10....
CVE-2020-14375
A flaw was found in dpdk. Virtio ring descriptors, and the data they describe are in a region of memory accessible by from both the virtual machine and the host. An attacker in a VM can change the contents of the memory after vhostcrypto has validated it. The highest threat from this vulnerabilit...
CVE-2020-3621
u'Lack of check to ensure that the TX read index & RX write index that are read from shared memory are less than the FIFO size results into memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics...
CVE-2020-3622
u'Channel name string which has been read from shared memory is potentially subjected to string manipulations but not validated for NULL termination can results into memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity,...
CVE-2020-3620
u'Lack of check of integer overflow while doing a round up operation for data read from shared memory for G-link SMEM transport can lead to corruption and potential information leak' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity,...
Design/Logic Flaw
u'Channel name string which has been read from shared memory is potentially subjected to string manipulations but not validated for NULL termination can results into memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity,...
Memory corruption
u'Lack of check to ensure that the TX read index & RX write index that are read from shared memory are less than the FIFO size results into memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics...
Integer overflow
u'Lack of check of integer overflow while doing a round up operation for data read from shared memory for G-link SMEM transport can lead to corruption and potential information leak' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity,...
Memory corruption
u'Lack of check that the current received data fragment size of a particular packet that are read from shared memory are less than the actual packet size can lead to memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon...
CVE-2020-3622
u'Channel name string which has been read from shared memory is potentially subjected to string manipulations but not validated for NULL termination can results into memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity,...
CVE-2020-3622
CVE-2020-3622 refers to a vulnerability where a channel name string read from shared memory can be manipulated but not NULL-terminated, leading to potential memory corruption in Qualcomm Snapdragon components. Affected families include Snapdragon Auto/Compute/Connectivity, various Snapdragon SoCs...
CVE-2020-3621
u'Lack of check to ensure that the TX read index & RX write index that are read from shared memory are less than the FIFO size results into memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics...
CVE-2019-13995
u'Lack of integer overflow check for addition of fragment size and remaining size that are read from shared memory can lead to memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity,...
Experts Reported Security Bug in IBM's Db2 Data Management Software
Cybersecurity researchers today disclosed details of a memory vulnerability in IBM's Db2 family of data management products that could potentially allow a local attacker to access sensitive data and even cause a denial of service attacks. The flaw CVE-2020-4414, which impacts IBM Db2 V9.7, V10.1,...
Experts Reported Security Bug in IBM's Db2 Data Management Software
Cybersecurity researchers today disclosed details of a memory vulnerability in IBM's Db2 family of data management products that could potentially allow a local attacker to access sensitive data and even cause a denial of service attacks. The flaw CVE-2020-4414, which impacts IBM Db2 V9.7, V10.1,...
IBM DB2 9.7 < FP11 40162 / 10.1 < FP6 40161 / 10.5 < FP11 40160 / 11.1 < FP5 40159 / 11.5 < Mod 4 FP0 Multiple Vulnerabilities (UNIX)
According to its version, the installation of IBM DB2 running on the remote host is either 9.7 prior to Fix Pack 11 Special Build 40162, 10.1 prior to Fix Pack 6 Special Build 40161, 10.5 prior to Fix Pack 11 Special Build 40160, or 11.1 prior to Fix Pack 5 Special Build 40159, 11.5 prior to Mod ...