CVE-2022-22669

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3. An application may be able to execute arbitrary code with kernel privileges...

CVE-2021-40048

There is an incorrect buffer size calculation vulnerability in the video framework. Successful exploitation of this vulnerability will affect availability...

UBUNTU-CVE-2021-38578

Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize...

CVE-2021-22429

There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed...

CVE-2022-25418

Tenda AC9 V15.03.2.21cn was discovered to contain a stack overflow via the function openSchedWifi...

A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL query. NOTE: the vendor disputes the relevance of this report because a sqlite3.exe user already has full privileges (e.g. is intentionally allowed to execute commands). This report does NOT imply any problem in the SQLite library.

...

CVE-2021-37109

There is a security protection bypass vulnerability with the modem.Successful exploitation of this vulnerability may cause memory protection failure...

UBUNTU-CVE-2022-22892

There is an Assertion 'ecmaisvalueundefined value || ecmaisvaluenull value || ecmaisvalueboolean value || ecmaisvaluenumber value || ecmaisvaluestring value || ecmaisvaluebigint value || ecmaisvaluesymbol value || ecmaisvalueobject value' failed at jerry-core/ecma/base/ecma-helpers-value.c in...

ALPINE-CVE-2021-46143

In doProlog in xmlparse.c in Expat aka libexpat before 2.4.3, an integer overflow exists for mgroupSize...

CVE-2021-45678

NETGEAR RAX200 devices before 1.0.5.132 are affected by insecure code...

UBUNTU-CVE-2021-4136

vim is vulnerable to Heap-based Buffer Overflow...

UBUNTU-CVE-2021-42373

A NULL pointer dereference in Busybox's man applet leads to denial of service when a section name is supplied but no page argument is given...

The vulnerability of the `open_generic_xdg_mime` function in the xdg-open component of the Xdg-utils suite, a set of tools for integrating applications into the Xdg environment, arises due to insufficient handling of input data cleaning. This vulnerability allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the opengenericxdgmime function in the xdg-open component, a toolset for integrating applications into the Xdg environment, is related to incorrect handling of local variables when using the dash library. Exploiting this vulnerability can allow an attacker to gain access to...

CVE-2021-1829

A type confusion issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.3. An application may be able to execute arbitrary code with kernel privileges...

CVE-2021-30780

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-005 Mojave, Security Update 2021-004 Catalina. A malicious application may be able to gain root privileges...

CVE-2021-30726

A malicious application may be able to execute arbitrary code with kernel privileges. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. An out-of-bounds write issue was addressed with improved bounds checking...

UBUNTU-CVE-2021-30622

Chromium: CVE-2021-30622 Use after free in WebApp Installs...

CVE-2021-38641

Microsoft Edge for Android Spoofing Vulnerability...

UBUNTU-CVE-2021-23434

This affects the package object-path before 0.11.6. A type confusion vulnerability can lead to a bypass of CVE-2020-15256 when the path components used in the path parameter are arrays. In particular, the condition currentPath === 'proto' returns false if currentPath is 'proto'. This is because t...

GHSA-P5W9-856P-8Q4G Assumed memory layout of std::net::SocketAddr

The socket2 crate has assumed std::net::SocketAddrV4 and std::net::SocketAddrV6 have the same memory layout as the system C representation sockaddr. It has simply casted the pointers to convert the socket addresses to the system representation. The standard library does not say anything about the...