CVE-2022-26697

An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of...

CVE-2022-26697

CVE-2022-26697 describes an out-of-bounds read issue in macOS components where processing a maliciously crafted AppleScript binary could terminate the application or disclose process memory. The common public record confirms the root cause as an out-of-bounds read with memory disclosure implicati...

Microsoft Windows SMBv1 Information Disclosure Vulnerability

The SMBv1 server in Microsoft Windows allows remote attackers to obtain sensitive information from process memory via a crafted packet...

CVE-2022-20737 Cisco Adaptive Security Appliance Software Clientless SSL VPN Heap Overflow Vulnerability

A vulnerability in the handler for HTTP authentication for resources accessed through the Clientless SSL VPN portal of Cisco Adaptive Security Appliance ASA Software could allow an authenticated, remote attacker to cause a denial of service DoS condition on an affected device or to obtain portion...

Design/Logic Flaw

A vulnerability in Zoom On-Premise Meeting Connector Controller version 4.8.102.20220310 and On-Premise Meeting Connector MMR version 4.8.102.20220310 exposes process memory fragments to connected clients, which could be observed by a passive attacker...

CVE-2022-22783

Summary: CVE-2022-22783 affects Zoom On-Premise Meeting Connector Controller and MMR 4.8.102.20220310. The issue exposes process memory fragments to connected clients, which a passive attacker could observe, per NVD and PT-2022-15675 sources. Affected components: Zoom On-Premise Meeting Connector...

Cisco Adaptive Security Appliance Software Clientless SSL VPN Heap Overflow Vulnerability

A vulnerability in the handler for HTTP authentication for resources accessed through the Clientless SSL VPN portal of Cisco Adaptive Security Appliance ASA Software could allow an authenticated, remote attacker to cause a denial of service DoS condition on an affected device or to obtain portion...

Exploit for Improper Initialization in Linux Linux_Kernel

Linux Privilege Escalation Bash script to check and exploit th...

macOS 11.x < 11.6.5 Multiple Vulnerabilities (HT213184)

The remote host is running a version of macOS / Mac OS X that is 11.x prior to 11.6.5 Big Sur. It is, therefore, affected by multiple vulnerabilities including the following: - Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution...

Information disclosure

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process...

CVE-2022-22626

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process...

CVE-2022-22625

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process...

Mozilla Firefox Information Disclosure Vulnerability

Mozilla Firefox does not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale functions, which allows remote attackers to obtain sensitive information from process memory via a crafted web site...

Sangfor VDI Client has an unspecified vulnerability

Sangfor VDI Client is a tool used by Sangfor to quickly build virtual desktops.A security vulnerability exists in Sangfor VDI Client, which can be exploited by attackers to discover the contents of username and password fields when reading process memory...

CVE-2022-22908

SangforCSClient.exe in Sangfor VDI Client 5.4.2.1006 allows attackers, when they are able to read process memory, to discover the contents of the Username and Password fields...

Rocky Linux 8 : GNOME (RLSA-2021:1586)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:1586 advisory. - A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS...

Mageia: Security Advisory (MGASA-2014-0286)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-44828

Arm Mali GPU Kernel Driver Midgard r26p0 through r30p0, Bifrost r0p0 through r34p0, and Valhall r19p0 through r34p0 allows a non-privileged user to achieve write access to read-only memory, and possibly obtain root privileges, corrupt memory, and modify the memory of other processes...

CVE-2021-44828

Arm Mali GPU Kernel Driver Midgard r26p0 through r30p0, Bifrost r0p0 through r34p0, and Valhall r19p0 through r34p0 allows a non-privileged user to achieve write access to read-only memory, and possibly obtain root privileges, corrupt memory, and modify the memory of other processes...

CVE-2021-30337

Possible use after free when process shell memory is freed using IOCTL call and process initialization is in progress in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...