NVIDIA DGX 安全漏洞

NVIDIA DGX is a high-performance workstation for deep learning applications from NVIDIA. A security vulnerability exists in the NVIDIA DGX A100 SBIOS prior to version 1.18, which stems from an attacker being able to modify arbitrary memory in SMRAM by utilizing the NVME SMM API, which could resul...

PT-2023-16085 · Nvidia · Nvidia Dgx A100 Sbios

Name of the Vulnerable Software and Affected Versions: NVIDIA DGX A100 SBIOS affected versions not specified Description: The issue allows an attacker to modify arbitrary memory of SMRAM by exploiting the NVME SMM API, potentially leading to denial of service, escalation of privileges, and...

PT-2023-16081 · Nvidia · Nvidia Dgx A100 Sbios

Name of the Vulnerable Software and Affected Versions: NVIDIA DGX A100 SBIOS affected versions not specified Description: The issue allows an attacker to modify arbitrary memory of SMRAM by exploiting the GenericSio and LegacySmmSredir SMM APIs. A successful exploit may lead to denial of service,...

Security Bulletin: CVE-2022-3676 may affect IBM® SDK, Java™ Technology Edition

Summary CVE-2022-3676 was addressed in Eclipse OpenJ9 version 0.35 Vulnerability Details CVEID:CVE-2022-3676 DESCRIPTION: Eclipse Openj9 could allow a remote attacker to bypass security restrictions, caused by improper runtime type check by the interface calls. By sending a specially-crafted...

CVE-2021-33639

REMAP cmd of SVM driver can be used to remap read only memory as read-write, then cause read only memory/file modified...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the fact that the SVM driver's REMAP cmd can be used to remap read-only memory to read-write, which can lead...

CVE-2021-33639

REMAP cmd of SVM driver can be used to remap read only memory as read-write, then cause read only memory/file modified...

Medium: protobuf

Issue Overview: A flaw was found in protobuf. The vulnerability occurs due to incorrect parsing of a NULL character in the proto symbol and leads to a Null pointer dereference. This flaw allows an attacker to execute unauthorized code or commands, read memory, modify memory. CVE-2021-22570 Affect...

SUSE CVE-2004-1070

The loadelfbinary function in the binfmtelf loader binfmtelf.c in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly check return values from calls to the kernelread function, which may allow local users to modify sensitive memory in a setuid program and execute arbitrary...

SUSE CVE-2004-1151

Multiple buffer overflows in the 1 sys32nisyscall and 2 sys32vm86warning functions in sysia32.c for Linux 2.6.x may allow local attackers to modify kernel memory and gain privileges...

SUSE CVE-2005-3627

Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via a DCTDecode stream with 1 a large "number of components" value that is not checked by...

SUSE CVE-2016-9383

Xen, when running on a 64-bit hypervisor, allows local x86 guest OS users to modify arbitrary memory and consequently obtain sensitive information, cause a denial of service host crash, or execute arbitrary code on the host by leveraging broken emulation of bit test instructions...

SUSE CVE-2017-13721

In X.Org Server aka xserver and xorg-server before 1.19.4, an attacker authenticated to an X server with the X shared memory extension enabled can cause aborts of the X server or replace shared memory segments of other X clients in the same session...

SUSE CVE-2017-15535

MongoDB 3.4.x before 3.4.10, and 3.5.x-development, has a disabled-by-default configuration setting, networkMessageCompressors aka wire protocol compression, which exposes a vulnerability when enabled that could be exploited by a malicious attacker to deny service or modify memory...

SUSE CVE-2022-1621

Heap buffer overflow in vimstrncpy findword in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution...

SUSE CVE-2022-1629

Buffer Over-read in function findnextquote in GitHub repository vim/vim prior to 8.2.4925. This vulnerabilities are capable of crashing software, Modify Memory, and possible remote execution...

Medium: protobuf

Issue Overview: A flaw was found in protobuf. The vulnerability occurs due to incorrect parsing of a NULL character in the proto symbol and leads to a Null pointer dereference. This flaw allows an attacker to execute unauthorized code or commands, read memory, modify memory. CVE-2021-22570 Affect...

Vim has a binary vulnerability (CNVD-2023-17836)

Vim is a cross-platform text editor. Vim suffers from a binary vulnerability that can be exploited by attackers to cause software crashes, memory modification, and remote execution...

SUSE SLES12 Security Update : java-1_7_1-ibm (SUSE-SU-2022:4591-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:4591-1 advisory. - In Eclipse Openj9 before version 0.35.0, interface calls can be inlined without a runtime type check. Malicious bytecode could make use of...

protobuf: Incorrect parsing of nullchar in the proto symbol leads to Nullptr dereference

A flaw was found in protobuf. The vulnerability occurs due to incorrect parsing of a NULL character in the proto symbol and leads to a Null pointer dereference. This flaw allows an attacker to execute unauthorized code or commands, read memory, modify memory...