CVE-2023-20834

In pda, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07608514; Issue ID: ALPS07608514...

OESA-2023-1513 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: A flaw was found in the Linux kernel’s IP framework for transforming packets XFRM subsystem. This issue may allow a malicious user with CAPNETADMIN privileges to directly dereference a NULL pointer in xfrmupdateaeparams, leading ...

Open-Xchange AppSuite Path Traversal Vulnerability

Open-Xchange AppSuite is a set of Web cloud desktop environments from Open-Xchange Germany. The environment allows users to more intuitively manage email, tasks, files, and more. A path traversal vulnerability exists in Open-Xchange AppSuite that originates from allowing an attacker with access...

PT-2023-5706 · Apache · Apache Nifi

Name of the Vulnerable Software and Affected Versions: Apache NiFi versions 0.0.2 through 1.22.0 Description: The issue is related to the Remote Resource Handler component of Apache NiFi, which is associated with incorrect code generation management. This can allow a remote attacker to execute...

CVE-2023-34103 Stored XSS (Cross Site Scripting) in html content based fields of avo

Avo is an open source ruby on rails admin panel creation framework. In affected versions some avo fields are vulnerable to Cross Site Scripting XSS when rendering html based content. Attackers do need form edit privilege in order to successfully exploit this vulnerability, but the results are...

AZL-31197 CVE-2023-25661 affecting package tensorflow for versions less than 2.11.1-1

TensorFlow is an Open Source Machine Learning Framework. In versions prior to 2.11.1 a malicious invalid input crashes a tensorflow model Check Failed and can be used to trigger a denial of service attack. A proof of concept can be constructed with the Convolution3DTranspose function. This...

PT-2023-18778 · Splunk · Splunk Enterprise

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 8.1.13 Splunk Enterprise versions prior to 8.2.10 Splunk Enterprise versions prior to 9.0.4 Description: The issue allows a search to bypass safeguards for risky commands using the...

AZL-10758 CVE-2022-0168 affecting package kernel for versions less than 5.15.67.1-4

A denial of service DOS issue was found in the Linux kernel’s smb2ioctlqueryinfo function in the fs/cifs/smb2ops.c Common Internet File System CIFS due to an incorrect return from the memdupuser function. This flaw allows a local, privileged CAPSYSADMIN attacker to crash the system...

PT-2022-9135 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions prior to the fixed version Description: The issue arises from the method PVRSRVBridgeTLDiscoverStreams, which allocates a buffer on the heap and fills it via TLServerDiscoverStreamsKM. If TLServerDiscoverStreamsKM fails due t...

kernel: information leak in scsi_ioctl()

A kernel information leak flaw was identified in the scsiioctl function in drivers/scsi/scsiioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege CAPSYSADMIN or CAPSYSRAWIO to create issues with confidentiality...

Exploit for Code Injection in Mybb

CVE-2022-24734 PoC An RCE can be obtained on MyBB's Admin CP...

CVE-2022-23159

Dell PowerScale OneFS, 8.2.2 - 9.3.0.x, contain a missing release of memory after effective lifetime vulnerability. An authenticated user with ISIPRIVLOGINSSH and/or ISIPRIVLOGINCONSOLE and ISIPRIVAUTHPROVIDERS privileges could exploit this vulnerability, leading to a Denial-Of-Service. This can...

OESA-2022-1604 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: st21nfcaconnectivityeventreceived in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVTTRANSACTION buffer overflows because of untrusted length parameters.CVE-2022-26490 A memory leak flaw was found in the Linu...

mysql: Server: DML unspecified vulnerability (CPU Jan 2021)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server...

mysql: InnoDB unspecified vulnerability (CPU Jan 2021)

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of thi...

kernel: Speculation on pointer arithmetic against bpf_context pointer

A flaw was found in the Linux kernels eBPF verification code. By default accessing the eBPF verifier is only accessible to privileged users with CAPSYSADMIN. A local user with the ability to insert eBPF instructions can use the eBPF verifier to abuse a spectre like flaw where they can infer all...

CVE-2021-0338

In SystemSettingsValidators, there is a possible permanent denial of service due to missing bounds checks on UI settings. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10...

CVE-2020-27017

Trend Micro InterScan Messaging Security Virtual Appliance IMSVA 9.1 is vulnerable to an XML External Entity Processing XXE vulnerability which could allow an authenticated administrator to read arbitrary local files. An attacker must already have obtained product administrator/root privileges to...

kernel: sg_write function lacks an sg_remove_request call in a certain failure case

A vulnerability was found in sgwrite in drivers/scsi/sg.c in the SCSI generic sg driver subsystem. This flaw allows an attacker with local access and special user or root privileges to cause a denial of service if the allocated list is not cleaned with an invalid Sgfd sfp pointer at the time of...

kernel: heap-overflow in mwifiex_set_wmm_params() function of Marvell WiFi driver leading to DoS

A vulnerability found in the Linux kernel's WMM implementation for Marvell WiFi-based hardware mwifiex could lead to a denial of service or allow arbitrary code execution. For this flaw to be executed, the attacker must be both local and privileged. There is no mitigation to this flaw. A patch ha...