EUVD-2019-11760

Malware in sbrugna...

EUVD-2019-4733

Malware in sbrugna...

CVE-2019-2118

In various functions of Parcel.cpp, there are uninitialized or partially initialized stack variables. These could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8...

CVE-2019-13220

Use of uninitialized stack variables in the startdecoder function in stbvorbis through 2019-03-04 allows an attacker to cause a denial of service or disclose sensitive information by opening a crafted Ogg Vorbis file...

Google Pixel 安全漏洞

Google Pixel is a smartphone from Google, an American company. A security vulnerability exists in Google Pixel, which stems from post-release reuse in ufshcscsicmd in ufs.c. There may be post-release reuse of stack variables...

RHEL 7 : qemu-kvm-rhev (RHSA-2019:2425)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2425 advisory. KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provi...

Moderate: Red Hat Security Advisory: sudo security update

A security update for sudo is now available for Red Hat Enterprise Linux 8 and 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CVE-2023-6693

A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when flushing TX in the virtionetflushtx function if guest features VIRTIONETFHASHREPORT, VIRTIOFVERSION1 and VIRTIONETFMRGRXBUF are enabled. This could allow a malicious user to overwrite local variables...

kernel: drm/gud: Fix UBSAN warning

A flaw was found in the GUD Generic USB Display driver in the Linux kernel. Uninitialized iosysmap variables on the stack contain garbage values in their isiomem boolean field. When iosysmapclear checks this field, UBSAN flags it as an invalid boolean value, indicating potential undefined behavio...

CentOS 8 : virt:rhel (CESA-2019:3345)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:3345 advisory. - QEMU: qxl: null pointer dereference while releasing spice resources CVE-2019-12155 - ntfs-3g: heap-based buffer overflow leads to local root privileg...

CVE-2020-14936

Buffer overflows were discovered in Contiki-NG 4.4 through 4.5, in the SNMP agent. Functions parsing the OIDs in SNMP requests lack sufficient allocated target-buffer capacity verification when writing parsed OID values. The function snmpoiddecodeoid may overwrite memory areas beyond the provided...

CVE-2017-14201 The shell DNS command can cause unpredictable results due to misuse of stack variables.

Use After Free vulnerability in the Zephyr shell allows a serial or telnet connected user to cause denial of service, and possibly remote code execution. This issue affects: Zephyr shell versions prior to 1.14.0 on all...

Scientific Linux Security Update : qemu-kvm on SL7.x x86_64 (20190806)

Security Fixes : - QEMU: Slirp: information leakage in tcpemu due to uninitialized stack variables CVE-2019-9824 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid128257; scriptversion"1.4";...

CVE-2019-13220

Use of uninitialized stack variables in the startdecoder function in stbvorbis through 2019-03-04 allows an attacker to cause a denial of service or disclose sensitive information by opening a crafted Ogg Vorbis file...

CVE-2019-2118

In various functions of Parcel.cpp, there are uninitialized or partially initialized stack variables. These could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8...

Information disclosure

In various functions of Parcel.cpp, there are uninitialized or partially initialized stack variables. These could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8...

RHEL 6 : qemu-kvm (RHSA-2019:1650)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:1650 advisory. Kernel-based Virtual Machine KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the...

Remote Code Execution (RCE)

kernel is vulnerable to remote code execution RCE attacks. The vulnerability exists as the Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of...

Microsoft Edge Chakra JIT - Stack-to-Heap Copy Exploit

Exploit for windows platform in category dos / poc / If variables don't escape the scope, the variables can be allocated to the stack. However, there are some situations, such as when a bailout happens or accessing to arguments containing stack-allocated variables, where those variables should no...

CVE-2017-1000410

Summary of CVE-2017-1000410 (Linux kernel info leak) : The vulnerability affects Linux kernel 3.3-rc1 and later in how L2CAP ConfigRequest/ConfigResponse are parsed. A stack variable (struct l2cap_conf_efs efs) is declared uninitialized and, depending on parsing flow and input, can be leaked back...