284 matches found
CVE-2022-42518
In BroadcastSmsConfigsRequestData::encode of smsdata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
SUSE CVE-2023-53750
In the Linux kernel, the following vulnerability has been resolved: pinctrl: freescale: Fix a memory out of bounds when numconfigs is 1 The config passed in by pad wakeup is 1, when numconfigs is 1, Configuration 1 should not be fetched, which will be detected by KASAN as a memory out of bounds...
DEBIAN-CVE-2023-53750
In the Linux kernel, the following vulnerability has been resolved: pinctrl: freescale: Fix a memory out of bounds when numconfigs is 1 The config passed in by pad wakeup is 1, when numconfigs is 1, Configuration 1 should not be fetched, which will be detected by KASAN as a memory out of bounds...
CVE-2023-53750
In CVE-2023-53750, the Linux kernel pinctrl freescale code had a memory out-of-bounds risk when num_configs equals 1, as pad wakeup can pass a configuration index of 1 which should not be fetched. The provided fix adjusts to read configs[1] only when num_configs is 2, preventing out-of-bounds acc...
CVE-2023-53750 pinctrl: freescale: Fix a memory out of bounds when num_configs is 1
In the Linux kernel, the following vulnerability has been resolved: pinctrl: freescale: Fix a memory out of bounds when numconfigs is 1 The config passed in by pad wakeup is 1, when numconfigs is 1, Configuration 1 should not be fetched, which will be detected by KASAN as a memory out of bounds...
PT-2025-49480
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's pinctrl subsystem, specifically within the freescale driver. The issue involves a memory out-of-bounds condition that occurs when the number of...
PT-2025-48119
CMService.exe creates the C:usr directory and subdirectories with insecure permissions, granting write access to all authenticated users. This allows attackers to replace configuration files such as snmp.conf or hijack DLLs to escalate privileges...
MAL-2025-177416 Malicious code in poglymer-ogmimh-avigpafdoag (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a2edcbd6c1a3cb86aebf3e402f2f4722c123d6e4644d751e607bec66cea7dedd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
CVE-2025-64132
Jenkins MCP Server Plugin 0.84.v50ca24ef83f2 and earlier does not perform permission checks in multiple MCP tools, allowing attackers to trigger builds and obtain information about job and cloud configuration they should not be able to access...
Malicious Package
Overview tai1wind-configs-viewer is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packa...
Malicious Package
Overview tailwind-configs is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview json-configs is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in vite-configs-viewer (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bb19ecaeacbca9e361ca15d50c99cbfa3ad023b63d06465ae2ad9d9988ab5a63 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
EUVD-2025-33630
Malicious code in vite-configs-viewer npm...
Malicious Package
Overview vite-configs-viewer is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
MAL-2025-48268 Malicious code in vite-configs-viewer (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bb19ecaeacbca9e361ca15d50c99cbfa3ad023b63d06465ae2ad9d9988ab5a63 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
EUVD-2022-5221
Malicious code in bioql PyPI...
EUVD-2022-3115
Malicious code in bioql PyPI...
PT-2025-39765
Name of the Vulnerable Software and Affected Versions WordPress Search Exclude plugin versions up to and including 2.5.7 Description The WordPress Search Exclude plugin contains a flaw that allows unauthorized modification of data. This is due to an inadequate capability check within the Base::ge...
Malicious Package
Overview tailwind-configs-viewer is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packa...