CVE-2021-26221

The ezxmlnew function in ezXML 0.8.6 and earlier is vulnerable to OOB write when opening XML file after exhausting the memory pool...

About the security content of macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave

About the security content of macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave This document describes the security content of macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave. About Apple security updates F...

PT-2020-11378 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel versions affected versions not specified Description: The issue is related to a permissions bypass in the calc vm may flags function of ashmem.c, which could allow for an arbitrary write to shared memory. This could lead to a...

SUSE SLED12 / SLES12 Security Update : libcaca (SUSE-SU-2019:2745-1)

This update for libcaca fixes the following issues : Security issues fixed : CVE-2018-20544: Fixed a floating point exception at caca/dither.c bsc1120502 CVE-2018-20545: Fixed a WRITE memory access in the loadimage function at common-image.c for 4bpp bsc1120584 CVE-2018-20546: Fixed a READ memory...

EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1475)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The skbflowdissect function in net/core/flowdissector.c in the Linux kernel through 3.12 allows remote attackers to cause a denia...

PT-2019-18994 · Microsoft · Lha.Sys

Name of the Vulnerable Software and Affected Versions: LHA.sys driver versions prior to 1.1.1811.2101 Description: The issue allows low-privileged users to read and write arbitrary physical memory, potentially elevating system privileges. This is possible due to the device object having an...

CVE-2018-8794

rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to an Out-Of-Bounds Write in function processbitmapupdates and results in a memory corruption and possibly even a remote code execution...

Beebug - A Tool For Checking Exploitability

beebug is a tool that can be used to verify if a program crash could be exploitable. This tool was presented the first time at r2con 2018 in Barcelona. Some implemented functionality are: Stack overflow on libc Crash on Program Counter Crash on branch Crash on write memory Heap vulnerabilities Re...

CVE-2018-8868

Medtronic 24950 MyCareLink Monitor and 24952 MyCareLink Monitor contains debug code meant to test the functionality of the monitor's communication interfaces, including the interface between the monitor and implantable cardiac device. An attacker with physical access to the device can exploit oth...

CVE-2018-0088

A vulnerability in one of the diagnostic test CLI commands on Cisco Industrial Ethernet 4010 Series Switches running Cisco IOS Software could allow an authenticated, local attacker to impact the stability of the device. This could result in arbitrary code execution or a denial of service DoS...

CVE-2017-14260

In the SDK in Bento4 1.5.0-616, the AP4StssAtom class in Ap4StssAtom.cpp contains a Write Memory Access Violation vulnerability. It is possible to exploit this vulnerability and possibly execute arbitrary code by opening a crafted .MP4 file...

CVE-2017-14259

In the SDK in Bento4 1.5.0-616, the AP4StscAtom class in Ap4StscAtom.cpp contains a Write Memory Access Violation vulnerability. It is possible to exploit this vulnerability and possibly execute arbitrary code by opening a crafted .MP4 file...

CVE-2017-14260

In the SDK in Bento4 1.5.0-616, the AP4StssAtom class in Ap4StssAtom.cpp contains a Write Memory Access Violation vulnerability. It is possible to exploit this vulnerability and possibly execute arbitrary code by opening a crafted .MP4 file...

CVE-2017-14259

In the SDK in Bento4 1.5.0-616, the AP4StscAtom class in Ap4StscAtom.cpp contains a Write Memory Access Violation vulnerability. It is possible to exploit this vulnerability and possibly execute arbitrary code by opening a crafted .MP4 file...

Design/Logic Flaw

In the SDK in Bento4 1.5.0-616, the AP4StscAtom class in Ap4StscAtom.cpp contains a Write Memory Access Violation vulnerability. It is possible to exploit this vulnerability and possibly execute arbitrary code by opening a crafted .MP4 file...

CVE-2017-14259

In the SDK in Bento4 1.5.0-616, the AP4StscAtom class in Ap4StscAtom.cpp contains a Write Memory Access Violation vulnerability. It is possible to exploit this vulnerability and possibly execute arbitrary code by opening a crafted .MP4 file...

CVE-2017-14260

In the SDK in Bento4 1.5.0-616, the AP4StssAtom class in Ap4StssAtom.cpp contains a Write Memory Access Violation vulnerability. It is possible to exploit this vulnerability and possibly execute arbitrary code by opening a crafted .MP4 file...

CVE-2017-14259

In the SDK in Bento4 1.5.0-616, the AP4StscAtom class in Ap4StscAtom.cpp contains a Write Memory Access Violation vulnerability. It is possible to exploit this vulnerability and possibly execute arbitrary code by opening a crafted .MP4 file...

CVE-2017-14258

The CVE-2017-14258 entry applies to Bento4.0 SDK, specifically Bento4 1.5.0-616, where SetItemCount in Core/Ap4StscAtom.h contains a Write Memory Access Violation vulnerability. An attacker could exploit a crafted .MP4 file to potentially execute arbitrary code. The connected documents corroborat...

GStreamer gst-plugins-bad Plugin - NULL Pointer Dereference

GStreamer gst-plugins-bad Plugin - NULL Pointer Dereference Source: https://bugzilla.gnome.org/showbug.cgi?id=775120 The attached file will cause a null pointer access and segfault in the mpegts parser. Current git code, found with afl. ASAN stack trace:...