771 matches found
ASB-A-304082474
In startInstall of UpdateFetcher.java, there is a possible way to trigger a malicious config update due to a logic error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-21803
Use After Free vulnerability in Linux Linux kernel kernel on Linux, x86, ARM bluetooth modules allows Local Execution of Code. This vulnerability is associated with program files https://gitee.Com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/afbluetooth.C. This issue affects Linux kernel: fr...
CVE-2024-21803
Use After Free vulnerability in Linux Linux kernel kernel on Linux, x86, ARM bluetooth modules allows Local Execution of Code. This vulnerability is associated with program files https://gitee.Com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/afbluetooth.C. This issue affects Linux kernel: fr...
Design/Logic Flaw
Use After Free vulnerability in Linux Linux kernel kernel on Linux, x86, ARM bluetooth modules allows Local Execution of Code. This vulnerability is associated with program files https://gitee.Com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/afbluetooth.C. This issue affects Linux kernel: fr...
CVE-2024-21803 Possible UAF in bt_accept_poll in Linux kernel
Use After Free vulnerability in Linux Linux kernel kernel on Linux, x86, ARM bluetooth modules allows Local Execution of Code. This vulnerability is associated with program files https://gitee.Com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/afbluetooth.C. This issue affects Linux kernel: fr...
CVE-2024-21803 Possible UAF in bt_accept_poll in Linux kernel
Use After Free vulnerability in Linux Linux kernel kernel on Linux, x86, ARM bluetooth modules allows Local Execution of Code. This vulnerability is associated with program files https://gitee.Com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/afbluetooth.C. This issue affects Linux kernel: fr...
CVE-2024-21803
CVE-2024-21803 is a Use-After-Free vulnerability in the Linux kernel’s Bluetooth code path (af_bluetooth.c) that allows Local code execution . The issue affects kernels from 2.6.12-rc2 up to but not including 6.8-rc1, with the vulnerable component being the Bluetooth modules in the kernel. The ro...
CVE-2024-21803
Use After Free vulnerability in Linux Linux kernel kernel on Linux, x86, ARM bluetooth modules allows Local Execution of Code. This vulnerability is associated with program files https://gitee.Com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/afbluetooth.C. This issue affects Linux kernel: fr...
CVE-2024-21803
Use After Free vulnerability in Linux Linux kernel kernel on Linux, x86, ARM bluetooth modules allows Local Execution of Code. This vulnerability is associated with program files https://gitee.Com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/afbluetooth.C. This issue affects Linux kernel: fr...
CVE-2023-48343
In video decoder, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with no additional execution privileges needed...
CVE-2023-48343
In video decoder, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with no additional execution privileges needed...
AZL-33325 CVE-2023-51257 affecting package jasper for versions less than 2.0.32-4
An invalid memory write issue in Jasper-Software Jasper v.4.1.1 and before allows a local attacker to execute arbitrary code...
CVE-2023-40083
In parsegapdata of utils.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-32856
CVE-2023-32856 concerns MediaTek chipsets where the display module has an out-of-bounds read caused by an incorrect status check. The vulnerability can lead to local information disclosure with System execution privileges required, and exploitation does not require user interaction. The available...
CVE-2023-22818
Multiple DLL Search Order Hijack vulnerabilities were addressed in the SanDisk Security Installer for Windows that could allow attackers with local access to execute arbitrary code by executing the installer in the same folder as the malicious DLL. This can lead to the execution of arbitrary code...
CVE-2023-42639
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed...
PT-2023-15800 · Unknown · Sensor Driver
Name of the Vulnerable Software and Affected Versions: Sensor driver affected versions not specified Description: The issue is related to a missing bounds check in the sensor driver, which could lead to a possible out of bounds write. This may result in a local denial of service and requires Syst...
Command injection
Archive command in Chef InSpec prior to 4.56.58 and 5.22.29 allow local command execution via maliciously crafted profile...
CVE-2023-42658 InSpec Archive Command Vulnerable to Maliciously Crafted Profile
Archive command in Chef InSpec prior to 4.56.58 and 5.22.29 allow local command execution via maliciously crafted profile...
PT-2023-28487 · Chef · Chef Inspec
Name of the Vulnerable Software and Affected Versions: Chef InSpec versions prior to 4.56.58 Chef InSpec versions prior to 5.22.29 Description: The issue allows local command execution via maliciously crafted profiles, specifically affecting the archive, check, and export commands in Chef InSpec...