4069 matches found

RedHat Linux
added 2023/11/08 3:38 p.m. · 6 views

mariadb: lack of validating the existence of an object prior to performing operations on the object

MariaDB CONNECT Storage Engine Use-After-Free Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL...

CVSS 7.8 · AI score 7.7 · EPSS 0.00598
Exploits: 0 · References: 4

SUSE CVE
added 2023/11/05 2:8 a.m. · 1 view

SUSE CVE-2023-47233

The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect the USB by hotplug) code. For physically proximate attackers with local access, this "could be exploited in a real world scenario." This is related to...

CVSS 4.3 · AI score 6.7 · EPSS 0.00318
Exploits: 0 · References: 32

CNNVD
added 2023/10/30 12:0 a.m. · 1 view

Google Android security vulnerability

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that can be exploited by an attacker to cause a local elevation of privilege...

CVSS 7.8 · AI score 6.8 · EPSS 0.00084
Exploits: 0 · References: 3

CNNVD
added 2023/10/30 12:0 a.m. · 1 view

Google Android security vulnerability

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that can be exploited by an attacker to cause a local elevation of privilege...

CVSS 7.8 · AI score 6.8 · EPSS 0.00093
Exploits: 0 · References: 3

CNNVD
added 2023/10/30 12:0 a.m. · 3 views

Google Android security vulnerability

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that can be exploited by an attacker to cause a local elevation of privilege...

CVSS 7.8 · AI score 6.8 · EPSS 0.00103
Exploits: 0 · References: 3

Tenable Nessus
added 2023/10/30 12:0 a.m. · 37 views

SUSE SLES12 / SLES15 Security Update : kernel (Live Patch 35 for SLE 15 SP1) (SUSE-SU-2023:4244-1)

The remote SUSE Linux SLES12 / SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4244-1 advisory. - A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve loca...

CVSS 7.8 · AI score 6.6 · EPSS 0.00287
Exploits: 0 · References: 4

NVD
added 2023/10/27 9:15 p.m. · 25 views

CVE-2023-40128

In several functions of xmlregexp.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVSS 7.8 · AI score 8 · EPSS 0.00102
Exploits: 0 · References: 2

Prion
added 2023/10/10 7:15 p.m. · 16 views

Stack overflow

An issue was discovered in Broadcom LSI PCI-SV92EX Soft Modem Kernel Driver through 2.2.100.1 aka AGRSM64.sys. There is Local Privilege Escalation to SYSTEM via a Stack Overflow in RTLCopyMemory IOCTL 0x1b2150. An attacker can exploit this to elevate privileges from a medium-integrity process to...

CVSS 4.3 · AI score 7.6 · EPSS 0.00452
Exploits: 1 · References: 2 · Affected Software: 1

F5 Networks
added 2023/10/10 9:45 a.m. · 20 views

K20307245: BIG-IP tmsh vulnerability CVE-2023-45219

Security Advisory Description: Exposure of Sensitive Information vulnerability exists in an undisclosed BIG-IP TMOS Shell (tmsh) command, which may allow an authenticated attacker with resource administrator role privileges to view sensitive information. (CVE-2023-45219) Impact: An authenticated attack...

CVSS 4.4 · AI score 4.9 · EPSS 0.00175
Exploits: 0 · Affected Software: 12

OSV
added 2023/10/09 10:15 p.m. · 1 view

CVE-2023-5463

A vulnerability was found in XINJE XDPPro up to 3.7.17a. It has been rated as critical. Affected by this issue is some unknown functionality in the library cfgmgr32.dll. The manipulation leads to uncontrolled search path. An attack has to be approached locally. The exploit has been disclosed to t...

CVSS 7.8 · AI score 5.2 · EPSS 0.00265
Exploits: 0 · References: 3

Amazon
added 2023/10/05 12:0 a.m. · 50 views

Important: kernel

Issue Overview: A flaw was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params, leading to a possible kernel crash and denial of service...

CVSS 7.8 · AI score 6.3 · EPSS 0.00549
Exploits: 4

CVE
added 2023/10/01 5:0 p.m. · 955 views

CVE-2023-4211

CVE-2023-4211 affects the Arm Mali GPU Kernel Driver. The issue is a use-after-free/resource management error in the Mali driver that allows a local, non-privileged user to perform improper GPU memory processing and access freed memory. Impact is limited to confidentiality (high impact) with no d...

CVSS 5.5 · AI score 6.8 · EPSS 0.01361
In wild · Exploits: 1 · References: 2 · Affected Software: 4

NVD
added 2023/09/30 5:15 p.m. · 43 views

CVE-2022-4956

A vulnerability classified as critical has been found in Caphyon Advanced Installer 19.7. This affects an unknown part of the component WinSxS DLL Handler. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The exploit has been disclosed to the public and may ...

CVSS 7.8 · AI score 7.7 · EPSS 0.00387
Exploits: 1 · References: 4

Positive Technologies
added 2023/09/30 12:0 a.m. · 4 views

PT-2023-15939 · Caphyon · Caphyon Advanced Installer

Name of the Vulnerable Software and Affected Versions: Caphyon Advanced Installer version 19.7 Description: A critical vulnerability has been found in the WinSxS DLL Handler component of Caphyon Advanced Installer. The manipulation leads to an uncontrolled search path. Attacking locally is a...

CVSS 7.8 · AI score 7.2 · EPSS 0.00387
Exploits: 1 · References: 9

0day.today
added 2023/09/27 12:0 a.m. · 420 views

Microsoft Error Reporting Local Privilege Elevation Exploit

This Metasploit module takes advantage of a bug in the way Windows error reporting opens the report parser. If you open a report, Windows uses a relative path to locate the rendering program. By creating a specific alternate directory structure, we can coerce Windows into opening an arbitrary...

CVSS 7.8 · AI score 6.7 · EPSS 0.32309
Exploits: 5

Positive Technologies
added 2023/09/16 12:0 a.m. · 7 views

PT-2023-31479 · Topaz Ofd · Topaz Ofd

Name of the Vulnerable Software and Affected Versions: Topaz OFD version 2.11.0.201 Description: A problematic vulnerability was found in Topaz OFD, affecting an unknown part of the file C:\Program Files\Topaz OFD\Warsaw\core.exe of the component Protection Module Warsaw. The manipulation leads to an...

CVSS 7.8 · AI score 7.2 · EPSS 0.00194
Exploits: 0 · References: 5

RedHat Linux
added 2023/09/12 9:56 a.m. · 5 views

kernel: nf_tables: stack-out-of-bounds-read in nft_byteorder_eval()

An out-of-bounds (OOB) memory access flaw was found in the Netfilter module in the Linux kernel's nft_byteorder_eval in net/netfilter/nft_byteorder.c. A bound check failure allows a local attacker with CAP_NET_ADMIN access to cause a local privilege escalation issue due to incorrect data alignment...

CVSS 7.8 · AI score 6.6 · EPSS 0.02154
Exploits: 2 · References: 6

CVE
added 2023/09/04 2:28 a.m. · 95 views

CVE-2023-20849

The CVE-2023-20849 vulnerability is in the imgsys_cmdq component and is caused by missing valid range checking, leading to a use-after-free that can enable local privilege escalation with SYSTEM privileges. Exploitation requires user interaction. Affected context references MediaTek-related discl...

CVSS 6.5 · AI score 6.7 · EPSS 0.00099
Exploits: 0 · References: 1 · Affected Software: 4

OSV
added 2023/08/16 8:15 p.m. · 2 views

CVE-2023-4383

A vulnerability, which was classified as critical, was found in MicroWorld eScan Anti-Virus 7.0.32 on Linux. This affects an unknown part of the file runasroot. The manipulation leads to incorrect execution-assigned permissions. The attack needs to be approached locally. The exploit has been...

CVSS 7.8 · AI score 5.1 · EPSS 0.00303
Exploits: 1 · References: 3

NVD
added 2023/08/14 10:15 p.m. · 15 views

CVE-2023-21275

In decideCancelProvisioningDialog of AdminIntegratedFlowPrepareActivity.java, there is a possible way to bypass factory reset protections due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not need...

CVSS 7.8 · AI score 7.8 · EPSS 0.00215
Exploits: 0 · References: 2