The vulnerability of the onCreatePermissionRequest function in SettingsSliceProvider.java in the Android operating system, which allows a hacker to escalate their privileges.

The vulnerability of the onCreatePermissionRequest function in SettingsSliceProvider.java in the Android operating system is related to insecure management of permissions. Exploiting this vulnerability could allow a malicious actor to enhance their privileges...

CVE-2021-45680

An issue was discovered in the vec-const crate before 2.0.0 for Rust. It tries to construct a Vec from a pointer to a const slice, leading to memory corruption...

NetBSD 安全特征问题漏洞

NetBSD is an open source Unix-like operating system from the NetBSD Foundation. NetBSD suffers from a security signature issue vulnerability that stems from the use of a weak cryptographic PRNG for the IPv6 slice ID generation algorithm in versions of NetBSD up to 9.2...

Updated golang packages fix security vulnerability

ImportedSymbols in debug/macho for Open or OpenFat in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer, aka an out-of-bounds slice situation. CVE-2021-41771 Go before 1.16.10 and 1.17.x before 1.17.3 allows an archive/zip Reader.Open panic via a...

MGASA-2021-0537 Updated golang packages fix security vulnerability

ImportedSymbols in debug/macho for Open or OpenFat in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer, aka an out-of-bounds slice situation. CVE-2021-41771 Go before 1.16.10 and 1.17.x before 1.17.3 allows an archive/zip Reader.Open panic via a...

openSUSE 15 Security Update : go1.17 (openSUSE-SU-2021:3833-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:3833-1 advisory. - ImportedSymbols in debug/macho for Open or OpenFat in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End...

CVE-2021-41771

ImportedSymbols in debug/macho for Open or OpenFat in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer, aka an out-of-bounds slice situation...

CVE-2021-41771

ImportedSymbols in debug/macho for Open or OpenFat in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer, aka an out-of-bounds slice situation...

CVE-2021-41771

ImportedSymbols in debug/macho for Open or OpenFat in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer, aka an out-of-bounds slice situation...

CVE-2021-41771

ImportedSymbols in debug/macho for Open or OpenFat in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer, aka an out-of-bounds slice situation...

CVE-2021-41771

ImportedSymbols in debug/macho for Open or OpenFat in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer, aka an out-of-bounds slice situation...

aiowrap (=0.1.0), ambisonic (>=0.1.0 <=0.3.1) +157 more potentially affected by CVE-2021-29938 via slice-deque (>=0.1.16 <=0.3.0)

slice-deque CARGO version =0.1.16, =0.1.0, =0.8.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0, =0.8.0, =0.3.0, =0.3.0, =0.4.0, =0.8.0, =0.15.3 and more Source cves: CVE-2021-29938 Source advisory: OSV:GHSA-P9GF-GMFV-398M...

GHSA-P9GF-GMFV-398M Double free in slice-deque

An issue was discovered in the slice-deque crate through 2021-02-19 for Rust. A double drop can occur in SliceDeque::drainfilter upon a panic in a predicate function...

GHSA-HVQC-PC78-X9WH Soundness issue in raw-cpuid

VendorInfo::asstring, SoCVendorBrand::asstring, and ExtendedFunctionInfo::processorbrandstring construct byte slices using std::slice::fromrawparts, with data coming from reprRust structs. This is always undefined behavior. This flaw has been fixed in v9.0.0, by making the relevant structs reprC...

GHSA-9WGH-VJJ7-7433 Mutable reference with immutable provenance in image

A mutable reference to a struct was constructed by dereferencing a pointer obtained from slice::asptr. Instead, slice::asmutptr should have been called on the mutable slice argument. The former performs an implicit reborrow as an immutable shared reference which does not allow writing through the...

Mutable reference with immutable provenance in image

A mutable reference to a struct was constructed by dereferencing a pointer obtained from slice::asptr. Instead, slice::asmutptr should have been called on the mutable slice argument. The former performs an implicit reborrow as an immutable shared reference which does not allow writing through the...

buf-ref-reader (=0.3.0), buf_redux (>=0.7.0 <=0.8.1) +9 more potentially affected by CVE-2019-15543 via slice-deque (=0.1.16)

slice-deque CARGO version =0.1.16 is affected by a known vulnerability. The following packages have a transitive dependency on slice-deque and may be impacted: - buf-ref-reader =0.3.0 - bufredux =0.7.0, =0.1.0, =0.2.0, =0.1.0, =0.12.0, =0.1.0, =0.2.0 - seqio =0.3.0 - stocker =0.2.0 Source cves:...

GHSA-C3M3-C39Q-PV23 Out of bounds write in slice-deque

Affected versions of this crate entered a corrupted state if mem::sizeof:: % allocationgranularity != 0 and a specific allocation pattern was used: sufficiently shifting the deque elements over the mirrored page boundary. This allows an attacker that controls controls both element insertion and...

Out of bounds write in slice-deque

Affected versions of this crate entered a corrupted state if mem::sizeof:: % allocationgranularity != 0 and a specific allocation pattern was used: sufficiently shifting the deque elements over the mirrored page boundary. This allows an attacker that controls controls both element insertion and...

Memory corruption slice-deque

Affected versions of this crate did not properly update the head and tail of the deque when inserting and removing elements from the front if, before insertion or removal, the tail of the deque was in the mirrored memory region, and if, after insertion or removal, the head of the deque is exactly...