Google Chrome Survey Memory Misreference Vulnerability

Google Chrome is a web browser from Google, an American company. A memory misreference vulnerability exists in versions of Google Chrome prior to 106.0.5249.62, which stems from a confusion in the instructions responsible for freeing memory in Survey. An attacker could exploit the vulnerability t...

Design/Logic Flaw

Use after free in Layout in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2022-2857

Use after free in Blink in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

SWFTools Memory Disclosure Vulnerability (CNVD-2022-70586)

SWFTools is a set of utilities for working with Adobe Flash files SWF files. A memory leak vulnerability exists in SWFTools, which originates from /lib/mem.c not freeing or failing to free dynamically allocated heap memory, and can be exploited by an attacker to cause the program to crash...

Adobe Photoshop Information Disclosure Vulnerability

Adobe Photoshop is an application developed and distributed by Adobe for image processing. Adobe Photoshop suffers from an information leakage vulnerability, which acquires sensitive information that can be further read out of bounds. An attacker can exploit this vulnerability to obtain sensitive...

The vulnerability of the QEMU hardware emulation software, related to pointer swapping errors, allows a hacker to trigger a service failure.

The vulnerability of the QEMU hardware emulation software is related to pointer assignment errors. Exploiting this vulnerability allows an attacker to trigger a service failure...

Genesys PureConnect 跨站脚本漏洞

Genesys PureConnect is an all-in-one omni-channel contact center and communications solution from Genesys Corporation. A security vulnerability exists in Genesys PureConnect Interaction Web Tools Chat. An attacker could exploit this vulnerability to perform cross-site scripting attacks...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from a security vulnerability that stems from a configuration flaw. An attacker exploited the vulnerability to cause availability to...

AZL-10819 CVE-2022-1271 affecting package gzip for versions less than 1.12-1

An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation...

CVE-2022-1016

A flaw was found in the Linux kernel in net/netfilter/nftablescore.c:nftdochain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker...

The vulnerability of the AVEVA Edge SCADA system, related to the restoration of unreliable data in memory, allows a intruder to execute arbitrary code.

The vulnerability of the AVEVA Edge SCADA system is related to the restoration of unreliable data in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

Gas Agency Management System SQL注入漏洞

Gas Agency Management System is a gas agency management software by Mayuri K. Personal Developer. It is used to manage the daily operations of a gas agency. A SQL injection vulnerability exists in Gas Agency Management System. An attacker can exploit this vulnerability by manipulating the paramet...

Apartment Visitor Management System 跨站脚本漏洞

Apartment Visitor Management System is an Apartment Visitor Management System by Carlo Montero Personal Developer. A cross-site scripting vulnerability exists in Apartment Visitor Management System. An attacker could exploit this vulnerability to conduct cross-site scripting attacks...

Adobe Acrobat Reader输入验证错误漏洞

Adobe Acrobat Reader is a PDF viewer from the American company Audobee Adobe. The software is used to print, sign and annotate PDF. An input validation error vulnerability exists in Adobe Acrobat Reader that stems from improper input validation and can be exploited by an attacker to cause a memor...

CVE-2022-26009

A stack-based buffer overflow vulnerability exists in the confsrv ucloudsetnodelocation functionality of TCL LinkHub Mesh Wi-Fi MS1G0001.0014. A specially-crafted network packet can lead to stack-based buffer overflow. An attacker can send a malicious packet to trigger this vulnerability...

CVE-2022-24029

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G0001.0014. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all...

Google Android elevation of privilege vulnerability (CNVD-2022-65631)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability. The vulnerability stems from incorrect programmatic calls to high-level native procedures. An attacker can exploit this vulnerability to cause an elevatio...

Google Pixel 安全漏洞

Google Pixel is a smartphone from the American company Google Google. There is a security vulnerability in the Google Pixel kernel that stems from a vulnerability that can be exploited by an attacker to cause elevation of privilege...

Google Pixel 资源管理错误漏洞

Google Pixel is a smartphone from the American company Google Google. There is a security vulnerability in the Google Pixel kernel that stems from a vulnerability that can be exploited by an attacker to cause elevation of privilege...

CVE-2022-2294

Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...