CVE-2024-30704

CVE-2024-30704 entry is rejected/not used and does not represent an active vulnerability entry.

CVE-2024-30687

CVE-2024-30687 has been withdrawn; multiple sources (NVD, CNNVD, CVE List) state: “DO NOT USE THIS CANDIDATE NUMBER. This candidate was withdrawn by its CNA. Further investigation showed that there was not reasonable evidence to determine the existence of a vulnerability.” Consequently, there is ...

The vulnerability of the D-Bus inter-process communication system, related to access control errors, allows a perpetrator to trigger a service failure.

The vulnerability of the D-Bus inter-process communication mechanism is related to the possibility for unprivileged users to abruptly terminate the dbus-daemon process. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

PT-2024-14006 · Gog · Gog Galaxy

Name of the Vulnerable Software and Affected Versions: GOG Galaxy Beta versions 2.0.67.2 through 2.0.71.2 Description: A Privilege Escalation issue in the inter-process communication procedure allows authenticated users to change the DACL of arbitrary system directories to include Everyone full...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel has a security vulnerability that stems from the presence of post-release reuse in tipc...

Exploit for Use of Hard-coded Credentials in Gog Galaxy

GOG Galaxy - Research Artifacts Repository Structure This...

CVE-2023-6660

When a program running on an affected system appends data to a file via an NFS client mount, the bug can cause the NFS client to fail to copy in the data to be written but proceed as though the copy operation had succeeded. This means that the data to be written is instead replaced with whatever...

CVE-2023-6660 NFS client data corruption and kernel memory disclosure

When a program running on an affected system appends data to a file via an NFS client mount, the bug can cause the NFS client to fail to copy in the data to be written but proceed as though the copy operation had succeeded. This means that the data to be written is instead replaced with whatever...

CVE-2023-47248

Deserialization of untrusted data in IPC and Parquet readers in PyArrow versions 0.14.0 to 14.0.0 allows arbitrary code execution. An application is vulnerable if it reads Arrow IPC, Feather or Parquet data from untrusted sources for example user-supplied input files. This vulnerability only...

Qualcomm Chipsets Security Vulnerability

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from information disclosure in the Qualcomm IPC when reading values from shared memory in a VM...

ALSA-2023:6578 Moderate: libqb security update

The libqb packages provide a library with the primary purpose of providing high performance client/server reusable features, such as high performance logging, tracing, inter-process communication, and polling. Security Fixes: libqb: Buffer overflow in logblackbox.c CVE-2023-39976 For more details...

Moderate: libqb security update

The libqb packages provide a library with the primary purpose of providing high performance client/server reusable features, such as high performance logging, tracing, inter-process communication, and polling. Security Fixes: libqb: Buffer overflow in logblackbox.c CVE-2023-39976 For more details...

Macvim Security Vulnerabilities

Vim is a cross-platform text editor. A security vulnerability exists in previous versions of Macvim 178 that stems from the use of an insecure inter-process communication mechanism, which may lead to privilege escalation...

CVE-2022-44569

A locally authenticated attacker with low privileges can bypass authentication due to insecure inter-process communication...

CVE-2022-44569

A locally authenticated attacker with low privileges can bypass authentication due to insecure inter-process communication...

CVE-2022-44569

Summary: CVE-2022-44569 affects Ivanti Automation (Ivanti Automation Manager) with an IPC-based authentication bypass. Root cause: insecure inter-process communication that allows a locally authenticated, low-privilege attacker to bypass authentication. Impact: local elevation of access due to by...

CVE-2022-44569

A locally authenticated attacker with low privileges can bypass authentication due to insecure inter-process communication...

Ivanti Automation Security Breach

Ivanti Automation is an application from Ivanti USA. It simplifies the management of complex hybrid environments by automating infrastructure, cloud and workspace automation. A security vulnerability exists in Ivanti Automation versions prior to 2023.4 that stems from insecure inter-process...

Moderate: Red Hat Security Advisory: libqb security update

An update for libqb is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

Mozilla: Memory corruption in IPC ColorPickerShownCallback

The Mozilla Foundation Security Advisory describes this flaw as: When creating a callback over IPC for showing the Color Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. This could...