7654 matches found
CVE-2024-6302
CVE-2024-6302 affects Conduit; vulnerability is a lack of privilege checking when processing redactions in versions v0.6.0 and earlier. A local user who can send redaction events can redact any message from users on the same server, enabling unauthorized message redaction. The issue is documented...
CVE-2024-6302 Improper Handling of Insufficient Permissions or Privileges in Conduit
Lack of privilege checking when processing a redaction in Conduit versions v0.6.0 and lower, allowing a local user to redact any message from users on the same server, given that they are able to send redaction events...
CVE-2024-4640 OnCell G3470A-LTE Series: Authenticated Command Injection via sendTestEmail
OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to missing bounds checking on buffer operations. An attacker could write past the boundaries of allocated buffer regions in memory, causing a program crash...
Moxa OnCell G3470A-LTE 安全漏洞
MOXA OnCell G3470A-LTE is a series of cellular gateway/router from MOXA China. A buffer overflow vulnerability exists in MOXA OnCell G3470A-LTE v1.7.7 and earlier firmware versions, which stems from a lack of boundary checking for buffer operations, and can be exploited by an attacker to write...
CVE-2024-38621
In the Linux kernel, the following vulnerability has been resolved: media: stk1160: fix bounds checking in stk1160copyvideo The subtract in this condition is reversed. The -length is the length of the buffer. The -bytesused is how many bytes we have copied thus far. When the condition is reversed...
Moodle Cross-Site Request Forgery Vulnerability (CNVD-2025-11217)
Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. Moodle suffers from a cross-site request forgery vulnerability that stems from incorrect CSRF token checking, which can be exploited by...
CVE-2024-38562
In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: Avoid address calculations via out of bounds array indexing Before request-channels can be used, request-nchannels must be set. Additionally, address calculations for memory after the "channels" array need to be...
CVE-2022-48744
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Avoid field-overflowing memcpy In preparation for FORTIFYSOURCE performing compile-time and run-time field bounds checking for memcpy, memmove, and memset, avoid intentionally writing across neighboring fields. Use...
CVE-2022-48732
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix off by one in BIOS boundary checking Bounds checking when parsing init scripts embedded in the BIOS reject access to the last byte. This causes driver initialization to fail on Apple eMac's with GeForce 2 MX GPUs...
CVE-2022-48744
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Avoid field-overflowing memcpy In preparation for FORTIFYSOURCE performing compile-time and run-time field bounds checking for memcpy, memmove, and memset, avoid intentionally writing across neighboring fields. Use...
CVE-2022-48732
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix off by one in BIOS boundary checking Bounds checking when parsing init scripts embedded in the BIOS reject access to the last byte. This causes driver initialization to fail on Apple eMac's with GeForce 2 MX GPUs...
CVE-2022-48744 net/mlx5e: Avoid field-overflowing memcpy()
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Avoid field-overflowing memcpy In preparation for FORTIFYSOURCE performing compile-time and run-time field bounds checking for memcpy, memmove, and memset, avoid intentionally writing across neighboring fields. Use...
CVE-2022-48744 net/mlx5e: Avoid field-overflowing memcpy()
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Avoid field-overflowing memcpy In preparation for FORTIFYSOURCE performing compile-time and run-time field bounds checking for memcpy, memmove, and memset, avoid intentionally writing across neighboring fields. Use...
CVE-2022-48744
In CVE-2022-48744, the Linux kernel net/mlx5e driver was made resilient to field-bound checking by avoiding a field-overflowing memcpy() across neighboring fields. The root cause involved copying MLX5E_XDP_MIN_INLINE bytes into a 2-byte inline_hdr.start, causing writes to adjacent data (vlan_tci,...
CVE-2022-48732 drm/nouveau: fix off by one in BIOS boundary checking
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix off by one in BIOS boundary checking Bounds checking when parsing init scripts embedded in the BIOS reject access to the last byte. This causes driver initialization to fail on Apple eMac's with GeForce 2 MX GPUs...
CVE-2022-48732
The CVE-2022-48732 issue affects the Linux kernel’s DRM Nouveau component, caused by an off-by-one error in BIOS boundary parsing of embedded init scripts. This bounds-checking flaw can reject access to the last byte, causing driver initialization to fail on Apple eMac systems with GeForce 2 MX G...
CVE-2022-48732 drm/nouveau: fix off by one in BIOS boundary checking
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix off by one in BIOS boundary checking Bounds checking when parsing init scripts embedded in the BIOS reject access to the last byte. This causes driver initialization to fail on Apple eMac's with GeForce 2 MX GPUs...
CVE-2022-48732 drm/nouveau: fix off by one in BIOS boundary checking
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix off by one in BIOS boundary checking Bounds checking when parsing init scripts embedded in the BIOS reject access to the last byte. This causes driver initialization to fail on Apple eMac's with GeForce 2 MX GPUs...
CVE-2022-48732
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix off by one in BIOS boundary checking Bounds checking when parsing init scripts embedded in the BIOS reject access to the last byte. This causes driver initialization to fail on Apple eMac's with GeForce 2 MX GPUs...
CVE-2022-48732
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix off by one in BIOS boundary checking Bounds checking when parsing init scripts embedded in the BIOS reject access to the last byte. This causes driver initialization to fail on Apple eMac's with GeForce 2 MX GPUs...