An internal reference count is held on the buffer pool, incremented every time a new buffer is created from the pool. The reference count is maintained as an int; on LP64 systems this can cause the re...

In preloader (usb), there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no...

In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.

In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.

In battery, there is a possible escalation of privilege due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not ne...

An integer overflow condition in poppler before 0.16.3 can occur when parsing CharCodes for fonts.