An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_read_reply when calling store_block in the NFSv3 case. Date published : 2019-07-31 https://blog.semmle.com/uboot-rce-nfs-vulnerability/ https://gitlab.com/u-boot/u-boot
An issue was discovered in Das U-Boot through 2019.07. There is a read of out-of-bounds data at nfs_read_reply. Date published : 2019-07-31 https://blog.semmle.com/uboot-rce-nfs-vulnerability/ https://gitlab.com/u-boot/u-boot
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_lookup_reply. Date published : 2019-07-31 https://blog.semmle.com/uboot-rce-nfs-vulnerability/ https://gitlab.com/u-boot/u-boot
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with unvalidated length at nfs_readlink_reply in the "else" block after calculating the new path length. Date published : 2019-07-31 https://blog.semmle.com/uboot-rce-nfs-vulnerability/...
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_read_reply when calling store_block in the NFSv2 case. Date published : 2019-07-31 https://blog.semmle.com/uboot-rce-nfs-vulnerability/ https://gitlab.com/u-boot/u-boot
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with an unvalidated length at nfs_readlink_reply, in the "if" block after calculating the new path length. Date published : 2019-07-31...
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a net_process_received_packet integer underflow during an nc_input_packet call. Date published : 2019-07-31 https://blog.semmle.com/uboot-rce-nfs-vulnerability/...
CImg through 2.6.7 has a heap-based buffer overflow in _load_bmp in CImg.h because of erroneous memory allocation for a malformed BMP image. Date published : 2019-07-31 http://cimg.eu/ https://github.com/dtschump/CImg
A clone version of an ELM327 OBD2 Bluetooth device has a hardcoded PIN, leading to arbitrary commands to an OBD-II bus of a vehicle. Date published : 2019-07-31 https://www.kth.se/polopoly_fs/1.914060.1561621279%21/Ludvig%20and%20Daniel_final_dongles.pdf https://www.kth.se/polopoly_fs/1.917488.1564430206%21/elm327.pdf
Symantec Endpoint Protection, prior to 14.2 RU1 & 12.1 RU6 MP10 and Symantec Endpoint Protection Small Business Edition, prior to 12.1 RU6 MP10c (12.1.7491.7002), may be susceptible to a privilege escalation vulnerability, which is...
Jenkins Skytap Cloud CI Plugin 2.06 and earlier stored credentials unencrypted in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read permission, or access to the...
Jenkins Google Kubernetes Engine Plugin 0.6.2 and earlier created a temporary file containing a temporary access token in the project workspace, where it could be accessed by users with Job/Read permission. Date published :...
Jenkins Amazon EC2 Plugin 1.43 and earlier wrote the beginning of private keys to the Jenkins system log. Date published : 2019-07-31 https://jenkins.io/security/advisory/2019-07-31/#SECURITY-673 http://www.openwall.com/lists/oss-security/2019/07/31/1
Jenkins Configuration as Code Plugin 1.24 and earlier did not reliably identify sensitive values expected to be exported in their encrypted form. Date published : 2019-07-31 https://jenkins.io/security/advisory/2019-07-31/#SECURITY-1458 http://www.openwall.com/lists/oss-security/2019/07/31/1