| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| A vulnerability was identified in NASM Netwide Assember 2.17rc0. This issue affects the function assemble_file of the file nasm.c. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. |
| A vulnerability, which was classified as problematic, was found in GNU libopts up to 27.6. Affected is the function __strstr_sse2. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. This issue was initially reported to the tcpreplay project, but the code maintainer explains, that this "bug appears to be in libopts which is an external library." This vulnerability only affects products that are no longer supported by the maintainer. |
| A vulnerability was identified in JasPer up to 4.2.5. This affects the function jpc_dec_dump of the file src/libjasper/jpc/jpc_dec.c of the component JPEG2000 File Handler. The manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The patch is named 8308060d3fbc1da10353ac8a95c8ea60eba9c25a. It is recommended to apply a patch to fix this issue. |
| A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected by this issue is the function do_directive of the file preproc.c. The manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. |
| A vulnerability was found in NASM Netwide Assember 2.17rc0. This affects the function macho_no_dead_strip of the file outmacho.c. The manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. |
| A vulnerability, which was classified as critical, has been found in GNU cflow up to 1.8. Affected by this issue is the function yylex of the file c.c of the component Lexer. The manipulation leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. |
| A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected is the function parse_line of the file parser.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. |
| Memory corruption while processing IOCTL handler in FastRPC. |
| Memory corruption when a compat IOCTL call is followed by another IOCTL call from userspace to a driver. |
| Memory corruption when preparing a shared memory notification for a memparcel in Resource Manager. |
| Memory corruption when the payload received from firmware is not as per the expected protocol size. |
| Memory corruption in Audio while running invalid audio recording from ADSP. |
| Memory corruption while loading an ELF segment in TEE Kernel. |
| Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE. |
| Memory corruption in BT controller while parsing debug commands with specific sub-opcodes at HCI interface level. |
| Memory corruption when invalid length is provided from HLOS for FRS/UDS request/response buffers. |
| Memory corruption while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND. |
| Memory corruption in TZ Secure OS while loading an app ELF. |
| Memory corruption in MPP performance while accessing DSM watermark using external memory address. |
| Memory corruption while processing pin reply in Bluetooth, when pin code received from APP layer is greater than expected size. |
