Package Control suffers from an arbitrary file write vulnerability.
fc1001c8bbe8a7cae533f770aa149604Microsoft DirectWrite suffers from a heap-based buffer overflow vulnerability in fsg_ExecuteGlyph while processing variable TTF fonts.
2de67da6a3c68e4e7554e5dc2ee4743eChrome suffers from an out-of-bounds read vulnerability in network DataElement struct traits.
73c96566e94e07ed3318c4a92b7a01b4Microsoft Windows has a privilege escalation vulnerability. When a process is running in a server silo, the checks for trusted hive registry key symbolic links is disabled leading to elevation of privilege.
91697f9020080e5254805aa5e5e1cc57Chrome suffers from a heap buffer overflow in ClipboardWin::WriteBitmap.
e662c8bbb6a52764c274f15d1f509097Chrome suffers from a heap buffer overflow vulnerability in SkBitmapOperations::UnPreMultiply.
32c9b241209db64702e60f06a67675c4Apple CoreText libType1Scaler.dylib suffers from a heap out-of-bounds-write due to an integer overflow vulnerability in STOREWV othersubr.
b33deb9c9fd77bb9f85fcccf5c952979Apple CoreText libFontParser.dylib suffers from a stack corruption vulnerability in the handling of /BlendDesignPositions Type 1 objects.
c178252e4ec3ca797a19785947f03896Apple CoreText libType1Scaler.dylib suffers from a heap buffer overflow vulnerability in the Counter Control Hints.
c4ea7a179bb02915471d29ae7a729d9eApple CoreText libType1Scaler.dylib suffers from a memory disclosure vulnerability via an uninitialized transient array.
58a55471b1e336a6f7a00a43543274c3The XNU kernel suffers from a memory disclosure vulnerability in mach message trailers.
fd485ea94f3d1c1a1348a97feddde88bThe XNU kernel suffers from a type confusion vulnerability in turnstiles.
a0391836c332c430261f0d75f705ed5aApple Safari is susceptible to a remote code execution vulnerability via an undefined othersubr in Type 1 fonts handled by libType1Scaler.dylib on macOS and iOS.
46ada3aa4a5cf57b7f656c84696a56ccThere is a heap buffer overflow in libgcrypt due to an incorrect assumption in the block buffer management code. Just decrypting some data can overflow a heap buffer with attacker controlled data and no verification or signature is validated before the vulnerability occurs.
9a0ae509391275947c719943ee40c587If an application uses iconv() with an attacker specified character set, there's an assertion in the gconv buffer management code that can be triggered, crashing the application. The crash only occurs with ISO-2022-JP-3 encoding.
95357505e4eb0edd827bee432e14e8e7Node version 14.11.0 is vulnerable to a use-after-free bug in its TLS implementation.
605c74b7f6ed00900884dafc459cf57eCVE-2020-0986, which was exploited in the wild, was not fixed. The vulnerability still exists, just the exploitation method had to change. A low integrity process can send LPC messages to splwow64.exe (Medium integrity) and gain a write-what-where primitive in splwow64’s memory space. The attacker controls the destination, the contents that are copied, and the number of bytes copied through a memcpy call.
43653a72a19a4fb4ecc7c809b0ae1e68usrsctp suffers from a use-after-free write when handling a malicious COOKIE-ECHO.
a155eaa93037f6e176e030160ef6c1d6Linux suffers from broken locking in TIOCSPGRP that can lead to a corrupted refcount.
d37fdf0d783b8893341574d9756e44cbThere is an out-of-bounds write vulnerability when decoding a malformed PICT image on macOS. The vulnerability has been confirmed on the latest stable macOS version.
f62261f5660f9ced363ae4dabdfa325fQualcomm Adreno GPU PID reuse can lead to a shared mapping leak vulnerability.
35acf4ac51c404442520651898879148usrsctp suffers from insecure HMAC generation that can lead to out-of-bounds access.
60dae1b024aad137dbbc2e032f8413acusrsctp suffers from a usrsctp pending_reply_queue out-of-bounds access vulnerability.
fbfd1f9af88626326bb98128c859b372The Microsoft Windows WOF filter driver does not correctly handle the reparse point setting which allows for an arbitrary file to be cached signed leading to a bypass of UMCI.
6ef17e92e2a41526202eea6e0a2e23cbThe Microsoft Windows Cloud Filter HsmOsBlockPlaceholderAccess function allows a user to create arbitrary registry keys in the .DEFAULT users hive leading to elevation of privilege.
1dedadce5dfb6b98c3be28c5271c765b
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed