3656 matches found
The vulnerability of the optimizing compiler oneAPI DPC++/C++ Compiler, related to access control deficiencies, allows attackers to increase their privileges.
The vulnerability of the optimizing compiler oneAPI DPC++/C++ Compiler is related to access control deficiencies. Exploiting this vulnerability can allow attackers to enhance their privileges...
Design/Logic Flaw
The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding "!= 0" comparisons to the result of memcmp. When these patches were backported to the heimdal-7.7.1 and heimdal-7.8.0 branches and possibly other branches a logic inversion sneaked...
Google Teams Up with Ecosystem Partners to Enhance Security of SoC Processors
Google said it's working with ecosystem partners to harden the security of firmware that interacts with Android. While the Android operating system runs on what's called the application processor AP, it's just one of the many processors of a system-on-chip SoC that cater to various tasks like...
K77323091: Objective Systems ASN1C Compiler vulnerability CVE-2016-5080
Security Advisory Description Integer overflow in the rtxMemHeapAlloc function in asn1rta.lib in Objective Systems ASN1C for C/C++ before 7.0.2 allows context-dependent attackers to execute arbitrary code or cause a denial of service heap-based buffer overflow, on a system running an application...
K42795243: Apache Xalan Java Library vulnerability CVE-2022-34169
Security Advisory Description The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. The Apache Xalan Jav...
com.bugvm:bugvm-compiler (>=1.0.0 <=1.2.9), com.bugvm:bugvm-dist (>=1.2.3 <=1.2.9) +27 more potentially affected by CVE-2016-15026 via com.googlecode.plist:dd-plist (>=1.0 <=1.16)
com.googlecode.plist:dd-plist MAVEN version =1.0, =1.0.0, =1.2.3, =1.2.3, =1.0.0, =0.0.1, =2.3.1-ios11, =2.3.1-ios11, =1.0.0-b1, =2.0.0, =2.3.2, =2.3.4, =2.3.1, =2.0.0, =1.2.0, =1.2.1 and more Source cves: CVE-2016-15026 Source advisory: OSV:GHSA-4JX2-HVQW-93J9...
CVE-2022-26843
Insufficient visual distinction of homoglyphs presented to user in the IntelR oneAPI DPC++/C++ Compiler before version 2022.1 for IntelR oneAPI Toolkits before version 2022.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access...
CVE-2022-26421
Uncontrolled search path element in the IntelR oneAPI DPC++/C++ Compiler Runtime before version 2022.0 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2022-25987
Improper handling of Unicode encoding in source code to be compiled by the IntelR C++ Compiler Classic before version 2021.6 for IntelR oneAPI Toolkits before version 2022.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access...
CVE-2022-25987
Improper handling of Unicode encoding in source code to be compiled by the IntelR C++ Compiler Classic before version 2021.6 for IntelR oneAPI Toolkits before version 2022.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access...
Input validation
Improper handling of Unicode encoding in source code to be compiled by the IntelR C++ Compiler Classic before version 2021.6 for IntelR oneAPI Toolkits before version 2022.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access...
Privilege escalation
Uncontrolled search path element in the IntelR oneAPI DPC++/C++ Compiler Runtime before version 2022.0 may allow an authenticated user to potentially enable escalation of privilege via local access...
Input validation
Insufficient visual distinction of homoglyphs presented to user in the IntelR oneAPI DPC++/C++ Compiler before version 2022.1 for IntelR oneAPI Toolkits before version 2022.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access...
CVE-2022-26421
CVE-2022-26421 involves an uncontrolled search path element in the Intel® oneAPI DPC++/C++ Compiler Runtime prior to version 2022.0, which may allow an authenticated user to escalate privileges via local access. Affected: Intel® oneAPI Toolkits and specific components listed in sources, including...
CVE-2022-26421
Uncontrolled search path element in the IntelR oneAPI DPC++/C++ Compiler Runtime before version 2022.0 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2022-26843
Insufficient visual distinction of homoglyphs presented to user in the IntelR oneAPI DPC++/C++ Compiler before version 2022.1 for IntelR oneAPI Toolkits before version 2022.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access...
CVE-2022-26843
Insufficient visual distinction of homoglyphs presented to user in the IntelR oneAPI DPC++/C++ Compiler before version 2022.1 for IntelR oneAPI Toolkits before version 2022.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access...
CVE-2022-26843
CVE-2022-26843 affects Intel® oneAPI Toolkits, specifically the Intel® oneAPI DPC++/C++ Compiler prior to 2022.1 and related toolkits prior to 2022.2. Root cause: insufficient visual distinction of homoglyphs presented to the user, which may allow an unauthenticated user to escalate privileges vi...
CVE-2022-25987
Improper handling of Unicode encoding in source code to be compiled by the IntelR C++ Compiler Classic before version 2021.6 for IntelR oneAPI Toolkits before version 2022.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access...
CVE-2022-25987
Improper handling of Unicode encoding in source code to be compiled by the IntelR C++ Compiler Classic before version 2021.6 for IntelR oneAPI Toolkits before version 2022.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access...