Lucene search
+L

166 matches found

OSV
OSV
added 2025/08/22 4:0 p.m.13 views

CVE-2025-38635 clk: davinci: Add NULL check in davinci_lpsc_clk_register()

In the Linux kernel, the following vulnerability has been resolved: clk: davinci: Add NULL check in davincilpscclkregister devmkasprintf returns NULL when memory allocation fails. Currently, davincilpscclkregister does not check for this case, which results in a NULL pointer dereference. Add NULL...

5.5CVSS7.3AI score0.00159EPSS
Exploits0References14
Debian CVE
Debian CVE
added 2025/08/22 4:0 p.m.12 views

CVE-2025-38635

In the Linux kernel, the following vulnerability has been resolved: clk: davinci: Add NULL check in davincilpscclkregister devmkasprintf returns NULL when memory allocation fails. Currently, davincilpscclkregister does not check for this case, which results in a NULL pointer dereference. Add NULL...

5.5CVSS5.3AI score0.00159EPSS
Exploits0
CNNVD
CNNVD
added 2025/08/22 12:0 a.m.5 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from davincilpscclkregister not checking the devmkasprintf return value, which could result in a null pointer...

5.5CVSS8AI score0.00159EPSS
Exploits0References10
OSV
OSV
added 2025/08/14 6:52 p.m.1 views

MAL-2025-22476 Malicious code in hl7.fhir.us.davinci-hrex (npm)

The package hl7.fhir.us.davinci-hrex was found to contain malicious code...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/07/20 4:44 p.m.5 views

Malicious code in @toptal/davinci-graphql-codegen-extensions (npm)

The package communicates with a domain associated with malicious activity...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/07/20 4:42 p.m.4 views

Malicious code in @toptal/davinci-cloudflare-requests-handler (npm)

The package communicates with a domain associated with malicious activity...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/07/20 4:41 p.m.2 views

Malicious code in @toptal/davinci-monorepo (npm)

The package communicates with a domain associated with malicious activity...

7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/31 2:51 p.m.19 views

CVE-2025-4081

Use of entitlement "com.apple.security.cs.disable-library-validation" and lack of launch and library load constraints allows to substitute a legitimate dylib with malicious one. A local attacker with unprivileged access can execute the application with altered dynamic library successfully bypassi...

4.8CVSS6.8AI score0.00128EPSS
Exploits0References1
NVD
NVD
added 2025/05/29 3:15 p.m.20 views

CVE-2025-4081

Use of entitlement "com.apple.security.cs.disable-library-validation" and lack of launch and library load constraints allows to substitute a legitimate dylib with malicious one. A local attacker with unprivileged access can execute the application with altered dynamic library successfully bypassi...

4.8CVSS0.00128EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/05/29 2:25 p.m.27 views

CVE-2025-4081 TCC Bypass via Dylib Substitution in DaVinci Resolve

Use of entitlement "com.apple.security.cs.disable-library-validation" and lack of launch and library load constraints allows to substitute a legitimate dylib with malicious one. A local attacker with unprivileged access can execute the application with altered dynamic library successfully bypassi...

4.8CVSS0.00128EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/05/29 2:25 p.m.8 views

CVE-2025-4081 TCC Bypass via Dylib Substitution in DaVinci Resolve

Use of entitlement "com.apple.security.cs.disable-library-validation" and lack of launch and library load constraints allows to substitute a legitimate dylib with malicious one. A local attacker with unprivileged access can execute the application with altered dynamic library successfully bypassi...

4.8CVSS7AI score0.00128EPSS
Exploits0References2
CVE
CVE
added 2025/05/29 2:25 p.m.84 views

CVE-2025-4081

The CVE-2025-4081 entry concerns a TCC bypass in DaVinci Resolve for macOS caused by using the entitlement com.apple.security.cs.disable-library-validation and missing launch/library-load constraints, enabling local unprivileged attackers to substitute a legitimate dylib with a malicious one. The...

4.8CVSS6.5AI score0.00128EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/05/29 12:0 a.m.6 views

Blackmagic Design DaVinci Resolve 安全漏洞

Blackmagic Design DaVinci Resolve is a software tool that combines editing, color correction, visual effects, motion graphics, and audio post-production in one package. A security vulnerability exists in Blackmagic Design DaVinci Resolve, which stems from insufficient dynamic library loading...

4.8CVSS6.4AI score0.00128EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/05/29 12:0 a.m.10 views

PT-2025-23167 · Blackmagic Design · Davinci Resolve

Name of the Vulnerable Software and Affected Versions: DaVinci Resolve versions prior to the fixed version Description: The issue is related to the use of entitlement "com.apple.security.cs.disable-library-validation" and the lack of launch and library load constraints, allowing a local attacker...

4.8CVSS5.9AI score0.00128EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/05/23 3:47 a.m.6 views

CVE-2023-31848

davinci 0.3.0-rc is vulnerable to Server-side request forgery SSRF...

8.8CVSS6.9AI score0.006EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:20 a.m.7 views

CVE-2023-24206

Davinci v0.3.0-rc was discovered to contain a SQL injection vulnerability via the copyDisplay function...

9.8CVSS8.3AI score0.00741EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2025/04/14 12:0 a.m.9 views

Vulnerability of the vpif_probe() function in the drivers/media/platform/davinci/vpif.c module – A driver for kernel-based multimedia devices in the Linux operating system, which allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information.

Vulnerability of the vpifprobe function in the drivers/media/platform/davinci/vpif.c module – The Linux kernel’s multimedia device support driver is vulnerable due to the repeated use of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the...

7.8CVSS6.5AI score0.00252EPSS
Exploits0References12Affected Software2
RedhatCVE
RedhatCVE
added 2025/03/02 9:20 a.m.27 views

CVE-2025-1413

DaVinci Resolve on MacOS was found to be installed with incorrect file permissions rwxrwxrwx. This is inconsistent with standard macOS security practices, where applications should have drwxr-xr-x permissions. Incorrect permissions allow for Dylib Hijacking. Guest account, other users and...

8.4CVSS6.9AI score0.00195EPSS
Exploits0References1
NVD
NVD
added 2025/02/28 9:15 a.m.11 views

CVE-2025-1413

DaVinci Resolve on MacOS was found to be installed with incorrect file permissions rwxrwxrwx. This is inconsistent with standard macOS security practices, where applications should have drwxr-xr-x permissions. Incorrect permissions allow for Dylib Hijacking. Guest account, other users and...

8.4CVSS0.00195EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/02/28 8:25 a.m.9 views

CVE-2025-1413 Dylib Hijacking in DaVinci Resolve

DaVinci Resolve on MacOS was found to be installed with incorrect file permissions rwxrwxrwx. This is inconsistent with standard macOS security practices, where applications should have drwxr-xr-x permissions. Incorrect permissions allow for Dylib Hijacking. Guest account, other users and...

8.4CVSS6.6AI score0.00195EPSS
Exploits0References3
Rows per page
Query Builder