502 matches found
Mozilla: Memory corruption in IPC ColorPickerShownCallback
The Mozilla Foundation Security Advisory describes this flaw as: When creating a callback over IPC for showing the Color Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. This could...
Mozilla: Memory corruption in IPC FilePickerShownCallback
The Mozilla Foundation Security Advisory describes this flaw as: When creating a callback over IPC for showing the File Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. This could...
Mozilla: Memory corruption in IPC ColorPickerShownCallback
The Mozilla Foundation Security Advisory describes this flaw as: When creating a callback over IPC for showing the Color Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. This could...
Mozilla: Memory corruption in IPC ColorPickerShownCallback
The Mozilla Foundation Security Advisory describes this flaw as: When creating a callback over IPC for showing the Color Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. This could...
Mozilla Firefox 资源管理错误漏洞
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from a code issue vulnerability that stems from a potentially exploitable crash that can be exploited by an attacker to cause a use-after-release when receiving rendered data vi...
Mozilla Firefox 资源管理错误漏洞
Mozilla Firefox is an open source web browser from the Mozilla Foundation. Mozilla Firefox suffers from a resource management error vulnerability that stems from the fact that when creating a callback to display a color picker window via IPC, multiple identical callbacks may be created...
[SECURITY] Fedora 38 Update: libqb-2.0.8-1.fc38
A "Quite Boring" library that provides high-performance, reusable features fo r client-server architecture, such as logging, tracing, inter-process communication IPC, and polling...
Tencent QQ Local Elevation of Privilege Vulnerability
Tencent QQ is a multi-platform instant messaging software from China's Tencent. A local elevation of privilege vulnerability exists in Tencent QQ. The vulnerability is caused due to QQProtect.exe and QQProtectEngine.dll not validating pointers from inter-process communication, which can lead to a...
CVE-2023-34312
In Tencent QQ through 9.7.8.29039 and TIM through 3.4.7.22084, QQProtect.exe and QQProtectEngine.dll do not validate pointers from inter-process communication, which leads to a write-what-where condition...
CVE-2023-34312
In Tencent QQ through 9.7.8.29039 and TIM through 3.4.7.22084, QQProtect.exe and QQProtectEngine.dll do not validate pointers from inter-process communication, which leads to a write-what-where condition...
Design/Logic Flaw
In Tencent QQ through 9.7.8.29039 and TIM through 3.4.7.22084, QQProtect.exe and QQProtectEngine.dll do not validate pointers from inter-process communication, which leads to a write-what-where condition...
CVE-2023-34312
In Tencent QQ through 9.7.8.29039 and TIM through 3.4.7.22084, QQProtect.exe and QQProtectEngine.dll do not validate pointers from inter-process communication, which leads to a write-what-where condition...
Tencent QQ 安全漏洞
Tencent QQ is a multi-platform instant messaging software from China's Tencent. A local elevation of privilege vulnerability exists in Tencent QQ. The vulnerability is caused due to QQProtect.exe and QQProtectEngine.dll not validating pointers from inter-process communication, which can lead to a...
CVE-2023-34312
In Tencent QQ through 9.7.8.29039 and TIM through 3.4.7.22084, QQProtect.exe and QQProtectEngine.dll do not validate pointers from inter-process communication, which leads to a write-what-where condition...
CVE-2023-34312
CVE-2023-34312 affects Tencent QQ (versions up to 9.7.8.29039) and TIM (up to 3.4.7.22084). The issue is a write-what-where condition caused by QQProtect.exe and QQProtectEngine.dll not validating pointers from inter-process communication, enabling a local breach with high impact in confidentiali...
kernel: ASoC: SOF: Intel: cnl: Do not process IPC reply before firmware boot
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: cnl: Do not process IPC reply before firmware boot It is not yet clear, but it is possible to create a firmware so broken that it will send a reply message before a FWREADY message it is not yet clear if FWREADY...
kernel: ASoC: SOF: Intel: cnl: Do not process IPC reply before firmware boot
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: cnl: Do not process IPC reply before firmware boot It is not yet clear, but it is possible to create a firmware so broken that it will send a reply message before a FWREADY message it is not yet clear if FWREADY...
Microsoft Windows ALPC 安全漏洞
Microsoft Windows ALPC is an inter-process communication tool for high-speed messaging from Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows ALPC. The following products and versions are affected:Windows Server 2019,Windows Server 2019 Server Core installation,Windo...
ABB Multiple System 800xA Products Incorrect Default Permissions (CVE-2020-8487)
Insufficient protection of the inter-process communication functions in ABB System 800xA Base all published versions enables an attacker authenticated on the local system to inject data, affect node redundancy handling. This plugin only works with Tenable.ot. Please visit...
ABB Multiple System 800xA Products Incorrect Default Permissions (CVE-2020-8486)
Insufficient protection of the inter-process communication functions in ABB System 800xA RNRP all published versions enables an attacker authenticated on the local system to inject data, affect node redundancy handling. This plugin only works with Tenable.ot. Please visit...