CVE-2024-45819 libxl leaks data to PVH guests via ACPI tables

PVH guests have their ACPI tables constructed by the toolstack. The construction involves building the tables in local memory, which are then copied into guest memory. While actually used parts of the local memory are filled in correctly, excess space that is being allocated is left with its prio...

SUSE CVE-2024-45819

PVH guests have their ACPI tables constructed by the toolstack. The construction involves building the tables in local memory, which are then copied into guest memory. While actually used parts of the local memory are filled in correctly, excess space that is being allocated is left with its prio...

PT-2024-10469

Name of the Vulnerable Software and Affected Versions Xen affected versions not specified Description The issue is related to the construction of ACPI tables for PVH guests by the toolstack, which involves building the tables in local memory before copying them into guest memory. The excess space...

CVE-2024-34635

Out-of-bounds read in parsing textbox object in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory...

CVE-2024-34634

Out-of-bounds read in parsing connected object list in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory...

PT-2024-26043 · Samsung · Samsung Notes

Name of the Vulnerable Software and Affected Versions: Samsung Notes versions prior to 4.4.21.62 Description: The issue is an out-of-bounds read in applying own binary, which allows local attackers to potentially read memory. Recommendations: For versions prior to 4.4.21.62, update to version...

PT-2024-26045 · Samsung · Samsung Notes

Name of the Vulnerable Software and Affected Versions: Samsung Notes versions prior to 4.4.21.62 Description: The issue is related to an out-of-bounds read in applying binary with path, which allows local attackers to potentially read memory. Recommendations: For versions prior to 4.4.21.62, upda...

PT-2024-26049 · Samsung · Samsung Notes

Name of the Vulnerable Software and Affected Versions: Samsung Notes versions prior to 4.4.21.62 Description: The issue is related to an out-of-bounds read that occurs when applying a new binary. This could potentially allow local attackers to read memory. Recommendations: For versions prior to...

PT-2024-26044 · Samsung · Samsung Notes

Name of the Vulnerable Software and Affected Versions: Samsung Notes versions prior to 4.4.21.62 Description: The issue is related to an out-of-bounds read in the parsing implementation, which could allow local attackers to potentially read memory. Recommendations: For versions prior to 4.4.21.62...

PUB-A-322224043

In setsecurereg of sachandler.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure of 4 bytes of stack memory with no additional execution privileges needed. User interaction is not needed for exploitation...

IEIT NF5280M6 安全漏洞

The IEIT NF5280M6 is a UEFI boot firmware from China Wave Information IEIT. A security vulnerability exists in the IEIT NF5280M6 version 8.4 and earlier, which stems from improper function usage and a pool overflow vulnerability that could lead to tampering of memory data by an attacker with acce...

DEBIAN-CVE-2024-26783

In the Linux kernel, the following vulnerability has been resolved: mm/vmscan: fix a bug calling wakeupkswapd with a wrong zone index With numa balancing on, when a numa system is running where a numa node doesn't have its local memory so it has no managed zones, the following oops has been...

PT-2024-2089 · Dell · Dell Poweredge Server Bios +1

Name of the Vulnerable Software and Affected Versions: Dell PowerEdge Server BIOS versions affected versions not specified Dell Precision Rack BIOS versions affected versions not specified Description: The issue is related to an improper parameter initialization vulnerability in the BIOS software...

CVE-2023-27975

CWE-522: Insufficiently Protected Credentials vulnerability exists that could cause unauthorized access to the project file in EcoStruxure Control Expert when a local user tampers with the memory of the engineering workstation...

SUSE CVE-2023-4969

A GPU kernel can read sensitive data from another GPU kernel even from another user or app through an optimized GPU memory region called local memory on various architectures...

DEBIAN-CVE-2023-4969

A GPU kernel can read sensitive data from another GPU kernel even from another user or app through an optimized GPU memory region called local memory on various architectures...

CVE-2023-4969

A GPU kernel can read sensitive data from another GPU kernel even from another user or app through an optimized GPU memory region called local memory on various architectures...

CVE-2023-4969

A GPU kernel can read sensitive data from another GPU kernel even from another user or app through an optimized GPU memory region called local memory on various architectures...

Design/Logic Flaw

A GPU kernel can read sensitive data from another GPU kernel even from another user or app through an optimized GPU memory region called local memory on various architectures...

CVE-2023-4969

A GPU kernel can read sensitive data from another GPU kernel even from another user or app through an optimized GPU memory region called local memory on various architectures...