Android suffers from ashmem read-only bypass vulnerabilities via remap_file_pages() and ASHMEM_UNPIN.
689f8071ae95d70db5dd1910063463a8d8fb46ef07c27f4a5369f3a1700ddf3f
There is a memory corruption vulnerability in audio processing during a voice call in WeChat. When an RTP packet is processed, there is a call to UnpacketRTP. This function decrements the length of the packet by 12 without checking that the packet has at least 12 bytes in it. This leads to a negative packet length. Then, CAudioJBM::InputAudioFrameToJBM will check that the packet size is smaller than the size of a buffer before calling memcpy, but this check (n < 300) does not consider that the packet length could be negative due to the previous error. This leads to an out-of-bounds copy.
a0b85c6f0d5c0b58add65cb309bf9193d2b63ceb17c68e1f5561d25888f0f991
Debian Linux Security Advisory 4601-1 - It was discovered that a hook script of ldm, the display manager for the Linux Terminal Server Project incorrectly parsed responses from an SSH server which could result in local root privilege escalation.
e0d6a8a2799b4f9b75190b5086a55fde12692f3e78f6cd91af198fe8a8b1ee15
ASTPP version 4.0.1 VoIP billing suffers from a database backup disclosure vulnerability.
a2174d3dba9ae9ae0510d2c1aa2607002f40276b2fd998186e770707831fcc82
The parsing engine for various Bitdefender products supports the RAR archive format. The parsing engine can be bypassed by specifically manipulating an RAR Archive (HOST_OS) so that it can be accessed by an end-user but not the anti-virus software. The AV engine is unable to scan the archive and issues the file a "clean" rating.
793090fba48547497446172319a1c4df12912499fed2f2b0ce09b16332463da7
PixelStor 5000 version K:4.0.1580-20150629 suffers from a remote code execution vulnerability.
ea5ae2630f140e0737cd5912e3d86086ab55e0d432758e973f883857b40af430
Pandora version 7.0NG suffers from a remote code execution vulnerability.
c7b678b946009e18d848768f85e0b95db2768937faaea0950ebe94f56b370033
Ubuntu Security Notice 4234-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass Content Security Policy restrictions, conduct cross-site scripting attacks, or execute arbitrary code.
a0805f0ee3a6396ecc66da71874e6646c37228e4000732d37e82a0deffaaf360
TotalAV 2020 version 4.14.31 suffers from a privilege escalation vulnerability.
e5e47182b25e16f7b070538fac89438665e73d9ec04229c5a3829c7a54a8b112
The parsing engine in various Kaspersky products supports the ZIP archive format. The parsing engine can be bypassed by specifically manipulating an ZIP Archive (Compression Size Flag) so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the container and gives the file a "clean" rating.
9de58a261f7a885904785912ed09937ff3ced4a9bf116489ceebbeb94fc32870
Backup Key Recovery version 2.2.5 suffers from a denial of service vulnerability.
3ecafc72257d6f8b3a06fbfdb0db83aa46dbf8710cdae0c98f23ea96e2a7f2e6
Microsoft Windows 10 UAC bypass local privilege escalation exploit.
da33b1ac519f32c7050bfa9bce27eebe9137f9d13a82ec83ef7d5c1e8313d7ac
This patch mitigates allowing launcher the ability to execute arbitrary programs.
05bbc4faa849e25fbad6d25534f4c781fc3cc329c48f156bf5eb3fdb0bb6fa54