PT-2022-9734 · Unknown · Amd System Management Unit

Name of the Vulnerable Software and Affected Versions: System Management Unit SMU affected versions not specified Description: The issue is related to insufficient DRAM address validation, which may lead to a denial of service due to DMA read/write operations from/to invalid DRAM addresses...

CVE-2021-26370

Improper validation of destination address in SVCLOADFWIMAGEBYINSTANCE and SVCLOADBINARYBYATTRIB in a malicious UApp or ABL may allow an attacker to overwrite arbitrary bootloader memory with SPI ROM contents resulting in a loss of integrity and availability...

Input validation

Insufficient validation of addresses in AMD Secure Processor ASP firmware system call may potentially lead to arbitrary code execution by a compromised user application...

AMD Secure Processor 安全漏洞

AMD Secure Processor ASP is a standalone ARM Coretex-A5 chip from AMD. A security vulnerability exists in AMD Secure Processor that stems from insufficient address validation. An attacker could exploit the vulnerability to execute arbitrary code...

CVE-2021-46771

Insufficient validation of addresses in AMD Secure Processor ASP firmware system call may potentially lead to arbitrary code execution by a compromised user application...

CVE-2022-23798

An issue was discovered in Joomla! 2.5.0 through 3.10.6 & 4.0.0 through 4.1.0. Inadequate validation of URLs could result into an invalid check whether an redirect URL is internal or not...

CVE-2022-0591

The FormCraft WordPress plugin before 3.8.28 does not validate the URL parameter in the formcraft3get AJAX action, leading to SSRF issues exploitable by unauthenticated users...

CVE-2022-0484

Lack of validation of URLs causes Mirantis Container Cloud Lens Extension before v3.1.1 to open external programs other than the default browser to perform sign on to a new cluster. An attacker could host a webserver which serves a malicious Mirantis Container Cloud configuration file and induce...

CVE-2021-33627

An issue was discovered in Insyde InsydeH2O Kernel 5.0 before 05.09.11, 5.1 before 05.17.11, 5.2 before 05.27.11, 5.3 before 05.36.11, 5.4 before 05.44.11, and 5.5 before 05.52.11 affecting FwBlockServiceSmm. Software SMI services that use the Communicate function of the EFISMMCOMMUNICATIONPROTOC...

PT-2022-10274 · Insyde · Insydeh2O Kernel

Name of the Vulnerable Software and Affected Versions: Insyde InsydeH2O Kernel versions 5.0 through 5.0 before 05.09.11 Insyde InsydeH2O Kernel versions 5.1 through 5.1 before 05.17.11 Insyde InsydeH2O Kernel versions 5.2 through 5.2 before 05.27.11 Insyde InsydeH2O Kernel versions 5.3 through 5....

CVE-2021-25078

The Affiliates Manager WordPress plugin before 2.9.0 does not validate, sanitise and escape the IP address of requests logged by the click tracking feature, allowing unauthenticated attackers to perform Cross-Site Scripting attacks against admin viewing the tracked requests...

CVE-2021-30274

Possible integer overflow in access control initialization interface due to lack and size and address validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and...

CVE-2021-30275

Possible integer overflow in page alignment interface due to lack of address and size validation before alignment in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and...

Dnsmasq 缓冲区错误漏洞

dnsmasq is a lightweight DNS forwarding and DHCP and TFTP server written in C. It can be used to check for errors in the DNS forwarding and DHCP and TFTP servers. A buffer error vulnerability exists in Dnsmasq 2.86, which stems from a heap-based buffer overflow in the check for incorrect addresse...

Affiliates Manager < 2.9.0 - Unauthenticated Stored Cross-Site Scripting

The plugin does not validate, sanitise and escape the IP address of requests logged by the click tracking feature, allowing unauthenticated attackers to perform Cross-Site Scripting attacks against admin viewing the tracked requests. PoC As unauthenticated: wget "https://example.com/?wpamid=1"...

Code injection

Mattermost 6.0 and earlier fails to sufficiently validate the email address during registration, which allows attackers to trick users into signing up using attacker-controlled email addresses via crafted invitation token...

_from and _to can be the same address on wrap() function

Handle jayjonah8 Vulnerability details Impact In WJLP.sol, the wrap function pulls in amount base tokens from from, then stakes them to mint WAssets which it sends to to. It then updates rewardOwner's reward tracking such that it now has the right to future yields from the newly minted WAssets. B...

outputBasket address not checked in EthSingleTokenJoin.sol

Handle jayjonah8 Vulnerability details Impact In the joinToKenEth function in EthSingleTokenJoin.sol, the outputBasket within the passed in data is not checked and could be an attacker controlled address returning any thing it wants in fake versions of calcTokensForAmount and joinPool functions...

CVE-2021-24756

The WP System Log WordPress plugin before 1.0.21 does not sanitise, validate and escape the IP address retrieved from login requests before outputting them in the admin dashboard, which could allow unauthenticated attacker to perform Cross-Site Scripting attacks against admins viewing the logs...

多款Qualcomm产品输入验证错误漏洞

Qualcomm QCA6574AU and others are products of Qualcomm Incorporated Qualcomm.QCA6574AU is a central processing unit CPU product.SDX24 is a modem.MDM9205 is a central processing unit CPU product. An input validation error vulnerability exists in multiple Qualcomm products. The vulnerability stems...