Mozilla's Firefox 85 for Windows has a weak DACL for domain networks.
51ec5afa13bba26be3fb02a3fedaa898The javascript terminal emulator used by AWS CloudShell handles certain terminal escape codes incorrectly. This can lead to remote code execution if attacker controlled data is displayed in a CloudShell instance.
a07ebf4a753f14e46c966e23a4c3cf0bAndroid suffers from memory disclosure, out-of-bounds write, and double-free vulnerabilities in NFC's Felica tag handling.
8d8d54d0917860623f3f6575fafe62b0Android suffers from an out-of-bounds write in the NFC stack when handling MIFARE Classic TLVs.
1876be15a92df0d791bf35ae3be87ae4xscreensaver suffers from a raw socket leak vulnerability. Proof of concept exploit demonstrates running tcpdump via this issue.
48106b83c9aba927ebf03a5ccbadc196The access limit check for non-local admins when accessing the SCM remotely can be bypassed by requesting MAXIMUM_ALLOWED, leading to gaining access to start services etc.
281e52fe6059770b5acb2e965164e4a3A radio proximity kernel memory corruption vulnerability exists in iOS and macOS due to bad state machine in BSS steering.
5ff730e5556e80e223e58b23eca60fa1Adobe Reader suffers from a CoolType arbitrary stack manipulation vulnerability.
07bd21c6148b74a3ebd51754bc5c4290CoreGraphics can be made to write out-of-bounds memory when rendering a specially crafted font. This vulnerability can also be triggered through Safari. The vulnerability was confirmed on macOS Big Sur version 11.1.
e9e23aad1bac7d9d3a5382c82a4cc581Microsoft Windows kernel suffers from a use-after-free of the PDEVOBJ object via a race condition vulnerability in NtGdiGetDeviceCapsAll.
31454c2dcf01b0dc4bbe498526c27f84The bd daemon, which runs as part of the F5 BIG-IP Application Security Manager (ASM), is vulnerable to a stack-based buffer overflow when processing overlong HTTP response headers in the is_hdr_criteria_matches function.
fb4bb5a73422ead38863ca80421b7215Big IP's Traffic Management Microkernels (TMM) URI normalization incorrectly handles invalid IPv6 hostnames allowing for information disclosure and an out-of-bounds write condition.
7bbc96ec1d50a3a238d0764ad16101eaMicrosoft Windows Containers Host Registry Virtual Registry Provider does not correctly handle relative opens leading to a process in a server silo being able to access the host registry leading to elevation of privilege.
6305bd287c8bfb28100d961cbddfdabbThe standard user ContainerUser in a Windows Container has elevated privileges and High integrity level which results in making it administrator equivalent even though it should be a restricted user.
70e9e9e164d2ee60daaa05a5afd67fe4Microsoft Windows has an issue with containers where the kernel incorrectly chooses the wrong silo when looking up the root object manager directory leading to elevation of privilege.
d249fdb9dab1efdef449b7c32504cdc9There is an out-of-bounds write vulnerability in WindowsCodecsRaw.dll in the COlympusE300LoadRaw::olympus_e300_load_raw function that can be triggered by parsing a crafted Olympus E300 raw image with Windows Imaging Component (WIC). The vulnerability has been reproduced on Windows 10 64-bit with the most recent patches applied.
815147d984fdba3d24de7e30eaacb8fbPackage Control suffers from an arbitrary file write vulnerability.
fc1001c8bbe8a7cae533f770aa149604Microsoft DirectWrite suffers from a heap-based buffer overflow vulnerability in fsg_ExecuteGlyph while processing variable TTF fonts.
2de67da6a3c68e4e7554e5dc2ee4743eChrome suffers from an out-of-bounds read vulnerability in network DataElement struct traits.
73c96566e94e07ed3318c4a92b7a01b4Microsoft Windows has a privilege escalation vulnerability. When a process is running in a server silo, the checks for trusted hive registry key symbolic links is disabled leading to elevation of privilege.
91697f9020080e5254805aa5e5e1cc57Chrome suffers from a heap buffer overflow in ClipboardWin::WriteBitmap.
e662c8bbb6a52764c274f15d1f509097Chrome suffers from a heap buffer overflow vulnerability in SkBitmapOperations::UnPreMultiply.
32c9b241209db64702e60f06a67675c4Apple CoreText libType1Scaler.dylib suffers from a heap out-of-bounds-write due to an integer overflow vulnerability in STOREWV othersubr.
b33deb9c9fd77bb9f85fcccf5c952979Apple CoreText libFontParser.dylib suffers from a stack corruption vulnerability in the handling of /BlendDesignPositions Type 1 objects.
c178252e4ec3ca797a19785947f03896Apple CoreText libType1Scaler.dylib suffers from a heap buffer overflow vulnerability in the Counter Control Hints.
c4ea7a179bb02915471d29ae7a729d9e
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed