4068 matches found
PT-2022-9137 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-10 through Android-12 Description: The issue allows for a bypass of Factory Reset Protections, potentially leading to local escalation of privilege without requiring additional execution privileges. User interaction i...
Linux kernel security vulnerability
Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. Linux kernel versions prior to 5.15-rc1 have a denial-of-service vulnerability that stems from a false cancel operation that triggers the commit of a new io-uring, resulting in a kernel error. An attacke...
MGASA-2022-0085 Updated flac packages fix security vulnerability
In appendtoverifyfifointerleaved of streamencoder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. CVE-2021-0561...
CVE-2022-23163
Dell PowerScale OneFS, 8.2.x, 9.1.0.x, 9.2.1.x, and 9.3.0.x contain a denial of service vulnerability. A local malicious user could potentially exploit this vulnerability, leading to denial of service/data unavailability...
kernel: use-after-free in RDMA listen()
A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to set up a socket to listen on a high port allowing for a list element to be used after free. Given the ability to execute code, a local attacker could leverage this...
CVE-2022-24048
MariaDB CONNECT Storage Engine Stack-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the...
CVE-2021-39687
In HandleTransactionIoEvent of actuatordriver.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android...
Design/Logic Flaw
A local unquoted search path security vulnerability has been identified in HPE Agentless Management Service for Windows versions: Prior to 1.44.0.0, 10.96.0.0. This vulnerability could be exploited locally by a user with high privileges to execute malware that may lead to a loss of confidentialit...
CVE-2021-45336
Summary: CVE-2021-45336 is a privilege-escalation flaw in Avast Antivirus’s Sandbox component. Local, sandboxed code could gain elevated privileges by abusing system IPC interfaces, potentially exiting the sandbox to obtain SYSTEM privileges. Affected versions: Avast Antivirus prior to 20.4. Impa...
CVE-2021-0677
The CVE-2021-0677 issue affects the ccu driver, where an integer overflow can trigger an out-of-bounds read, leading to local information disclosure with SYSTEM privileges required. Exploitation reportedly does not need user interaction. The Red Hat and NVD entries corroborate this description; p...
PUB-A-190435883
In PVInitVideoEncoder of mp4encapi.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
PUB-A-186530889
In getDeviceIdWithFeature of PhoneInterfaceManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User...
PUB-A-190619791
In getNeighboringCellInfo of PhoneInterfaceManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User...
Vulnerabilities fixed in IBM MQ
IBM has fixed several vulnerabilities in MQ. A malicious person could potentially exploit the vulnerabilities locally to cause a denial-of-service, gain access to sensitive data or execute arbitrary code under the user's privileges. IBM has released updates to fix the vulnerability. More...
Exploit for Privilege Context Switching Error in Canonical Ubuntu_Linux
PoC exploit for CVE-2021-3493, a local privilege escalation vulnerability in Ubuntu OverlayFS. The target is the Linux kernel, specifically the overlayfs file system, which did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker coul...
Exploit for Privilege Context Switching Error in Canonical Ubuntu_Linux
This is a PoC exploit for CVE-2021-3493, a local privilege escalation vulnerability in Ubuntu OverlayFS. The exploit targets Ubuntu versions 20.10, 20.04 LTS, 19.04, 18.04 LTS, 16.04 LTS, and 14.04 ESM. The vulnerability arises from a Linux kernel issue where it did not properly validate the...
Out-of-bounds
In ape extractor, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05561395; Issue ID: ALPS05561395...
Input validation
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM...
CVE-2021-29213
A potential local bypass of security restrictions vulnerability has been identified in HPE ProLiant DL20 Gen10, HPE ProLiant ML30 Gen10, and HPE ProLiant MicroServer Gen10 Plus server's system ROMs prior to version 2.52. The vulnerability could be locally exploited to cause disclosure of sensitiv...
Security feature bypass
A potential local bypass of security restrictions vulnerability has been identified in HPE ProLiant DL20 Gen10, HPE ProLiant ML30 Gen10, and HPE ProLiant MicroServer Gen10 Plus server's system ROMs prior to version 2.52. The vulnerability could be locally exploited to cause disclosure of sensitiv...