7653 matches found
Mastodon < 4.1.18 Multiples Vulnerabilities
According to its self-reported version number, the Mastodon application running on the remote host is prior to 4.1.18 or 4.2.x prior to 4.2.10. It is, therefore, affected by multiples vulnerabilities : - An Insufficient permission checking on multiple API endpoints - An Improper authorship check ...
Huawei HarmonyOS 安全漏洞
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from a type-checking laxity vulnerability, which stems from a type-checking laxity in the background task service module. An attacke...
MediaTek Chipsets 安全漏洞
MediaTek Chipsets are a variety of chips from China's MediaTek Corporation MediaTek. A security vulnerability exists in MediaTek Chipsets, which stems from a lack of boundary checking, where out-of-bounds writes may occur. An attacker can escalate privileges by exploiting the vulnerability...
MediaTek Chipsets 安全漏洞
MediaTek Chipsets are a variety of chips from China's MediaTek Corporation MediaTek. A security vulnerability exists in MediaTek Chipsets, which stems from a lack of boundary checking, where out-of-bounds writes may occur. An attacker can escalate privileges by exploiting the vulnerability...
MediaTek Chipsets 安全漏洞
MediaTek Chipsets are a variety of chips from China's MediaTek Corporation MediaTek. A security vulnerability exists in MediaTek Chipsets, which stems from a lack of boundary checking, where out-of-bounds reads may occur. An attacker exploiting the vulnerability could gain access to sensitive...
MediaTek Chipsets 安全漏洞
MediaTek Chipsets are a variety of chips from China's MediaTek Corporation MediaTek. A security vulnerability exists in MediaTek Chipsets, which stems from a lack of boundary checking, where out-of-bounds writes may occur. An attacker can escalate privileges by exploiting the vulnerability...
Google Pixel trusty_shared_memory_manager.cc file buffer overflow vulnerability
Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from a buffer overflow vulnerability that stems from incorrect boundary checking in TrustySharedMemoryManager::GetSharedMemory at ondevice/trusty/trustysharedmemorymanager.cc, which could be exploited by an...
Google Pixel syscall.c file buffer overflow vulnerability
Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from a buffer overflow vulnerability that stems from incorrect boundary checking in validaddress in syscall.c, which can be exploited by an attacker to cause an out-of-bounds read...
Google Pixel mm_GmmPduCodec.c file buffer overflow vulnerability
Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from a buffer overflow vulnerability that stems from incorrect bounds checking in mmGetMobileIdIndexForNsUpdate in mmGmmPduCodec.c, which can be exploited by an attacker to cause an out-of-bounds write...
Google Pixel Out-of-Bounds Read Vulnerability
Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from an out-of-bounds read vulnerability that stems from a lack of boundary checking, which can be exploited by an attacker to read local information out of bounds...
Google Pixel protocolmiscmiscadapter.cpp file buffer overflow vulnerability
Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from a buffer overflow vulnerability that stems from a lack of bounds checking in protocolmiscHwConfigChangeAdapter::GetData's protocolmiscmiscadapter.cpp, which can be exploited by an attacker to cause an...
kernel: xfs: add bounds checking to xlog_recover_process_data
A vulnerability has been identified within the Linux kernel's xlogrecoverprocessdata function. Specifically, the function lacks proper bounds checking on the space allocated for the fixed members of the xlogopheader structure during log record processing. This omission can lead to an out-of-bound...
The vulnerability of the detection mechanism for network traffic analysis tools, network detection, and response by Palo Alto Networks’ Cortex XDR Agent on Windows operating systems allows attackers to disable the Cortex XDR Agent and execute arbitrary code.
The vulnerability of the detection mechanism for network traffic analysis, network detection, and response by Palo Alto Networks’ Cortex XDR Agent in Windows operating systems is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability could allow an attack...
UBUNTU-CVE-2024-50070
In the Linux kernel, the following vulnerability has been resolved: pinctrl: stm32: check devmkasprintf returned value devmkasprintf can return a NULL pointer on failure but this returned value is not checked. Fix this lack and check the returned value. Found by code review...
CVE-2024-44283
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. Parsing a maliciously crafted file may lead to an unexpected app termination...
CVE-2024-44237
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. Processing a maliciously crafted file may lead to unexpected app termination...
CVE-2024-44302
The issue was addressed with improved checks. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1, tvOS 18.1, visionOS 2.1, watchOS 11.1. Processing a maliciously crafted font may result in the disclosure of...
CVE-2024-44236
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. Processing a maliciously crafted file may lead to unexpected app termination...
CVE-2024-44228
This issue was addressed with improved permissions checking. This issue is fixed in Xcode 16. An app may be able to inherit Xcode permissions and access user data...
CVE-2024-44236
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. Processing a maliciously crafted file may lead to unexpected app termination...