14 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-26728
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix null-pointer dereference on edid reading Use i2c adapter when there isn...
CVE-2022-26728
This issue was addressed with improved entitlements. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to access restricted files...
BELL-CVE-2024-26728
Bulletin has no description...
CVE-2024-26728
CVE-2024-26728 is a Linux kernel issue affecting the DRM/AMD display path, where a null-pointer dereference could occur during EDID reading. The fix switches to using an I2C adapter when there is no aux_mode in dc_link to prevent the dereference in scenarios involving DCN2.1 and HDMI connectors (...
CVE-2024-26728
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix null-pointer dereference on edid reading Use i2c adapter when there isn't aux_mode in dc_link to fix a null-pointer dereference that happens when running igt@kms_force_connector_basic in a system with DCN2.1 and HDM...
CVE-2021-26728

creationtimestamp | type | source
---|---|---
2022-10-24 18:26:05+00:00 | seen | https://t.me/cibsecurity/51990...

CVE-2021-26728
Command injection and stack-based buffer overflow vulnerabilities in the KillDupUsr_func function of spx_restservice allow an attacker to execute arbitrary code with the same privileges as the server user root. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...
CVE-2021-26728 spx_restservice KillDupUsr_func Command Injection and Stack-Based Buffer Overflow
Command injection and stack-based buffer overflow vulnerabilities in the KillDupUsr_func function of spx_restservice allow an attacker to execute arbitrary code with the same privileges as the server user root. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...
CVE-2021-26728
CVE-2021-26728 affects Lanner IAC-AST2500A standard firmware 1.10.0. The issue resides in KillDupUsr_func within spx_restservice, enabling command injection and stack-based (and heap-based per CNNVD) buffer overflow flaws that could allow an attacker to execute arbitrary code with root privileges on th...
CVE-2022-26728

creationtimestamp | type | source
---|---|---
2022-05-26 22:14:50+00:00 | seen | https://t.me/cibsecurity/43434
2022-12-27 14:07:57+00:00 | seen | https://t.me/proxybar/1248
2023-01-04 11:11:04+00:00 | published-proof-of-concept | Telegram/aOfrbDrwIUidyWTOYj25ydnl1rugPysH4Ldx8LcxgtM
2023-01-29... | |

CVE-2022-26728
This issue was addressed with improved entitlements. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to access restricted files...
CVE-2022-26728
This issue was addressed with improved entitlements. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to access restricted files...
CVE-2022-26728
CVE-2022-26728 affects macOS where an app with entitlements could access restricted files due to an entitlement handling flaw. The issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, and macOS Big Sur 11.6.6. It requires local access (per CVSS3.1) and does not appear to be e...
CVE-2020-26728
The CVE-2020-26728 entry corresponds to a remote code execution in Tenda AC9 devices (v3.0 V15.03.06.42_multi and v1.0 V15.03.05.19(6318)_CN). The underlying issue is shell metacharacters in the guestuser field used by the __fastcall function via a POST request, enabling an attacker to execute ar...