ROS-20260609-73-0004

The vulnerability of the RDP client FreeRDP is related to the escape of operations beyond the buffer in memory due to incorrect validation of input data. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...

ROS-20260120-7328

A vulnerability in the amdgetmmconfigrange function of the arch/x86/kernel/amdnb.c module of the Linux kernel is related to access differentiation flaws. Exploitation of the vulnerability may allow an intruder to gain unauthorized access to protected information...

CVE-2019-18890

A SQL injection vulnerability in Redmine through 3.2.9 and 3.3.x before 3.3.10 allows Redmine users to access protected information via a crafted object query...

Vulnerability of the its_vpe_irq_domain_alloc() function in the drivers/irqchip/irq-gic-v3-its.c module – This driver for Linux’s IRQ chips allows a hacker to gain access to protected information.

Vulnerability of the itsvpeirqdomainalloc function in the drivers/irqchip/irq-gic-v3-its.c module – The Linux kernel’s IRQ chip support driver is vulnerable to a single-shift error. Exploiting this vulnerability could allow an attacker to access protected information...

The vulnerability of the check_helper_mem_access() function in the kernel/bpf/verifier.c module of the Linux operating system allows a attacker to compromise the integrity and accessibility of the protected information.

The vulnerability of the checkhelpermemaccess function in the kernel/bpf/verifier.c module of the Linux operating system is related to errors in the code. Exploiting this vulnerability could allow an attacker to compromise the integrity and accessibility of the protected information...

Vulnerability of the venus_probe() function in the drivers/media/platform/qcom/venus/core.c module – A driver for supporting multimedia devices in the Linux operating system, which allows an attacker to gain access to protected information.

Vulnerability of the venusprobe function in the drivers/media/platform/qcom/venus/core.c module – The Linux kernel’s multimedia device support driver has vulnerabilities related to security configuration errors. Exploiting this vulnerability could allow an attacker to access protected information...

Vulnerability of the sun8i_ss_hash_run() function in the drivers/crypto/allwinner/sun8i-ss/sun8i-ss-hash.c module – a driver for the Linux kernel’s cryptographic accelerator, allowing an attacker to gain access to protected information

Vulnerability of the sun8isshashrun function in the drivers/crypto/allwinner/sun8i-ss/sun8i-ss-hash.c module – The driver for the Linux kernel’s cryptographic accelerator is vulnerable to a buffer overflow vulnerability before the last pointer is freed, resulting in a “memory leak”. Exploiting th...

CVE-2022-30758

Implicit Intent hijacking vulnerability in Finder prior to SMR Jul-2022 Release 1 allow allows attackers to access some protected information with privilege of Finder...

The vulnerability of the kvm_set_cpuid() function in the arch/x86/kvm/cpuid.c module of the virtualization subsystem on the Linux kernel-based x86 platform allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the kvmsetcpuid function in the arch/x86/kvm/cpuid.c module of the virtualization subsystem on the Linux kernel-based x86 platform is related to code errors. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility ...

The vulnerability of the microprogrammed software of medical monitoring devices such as CMS8000 Patient Monitor and Epsimed MN-120 arises from the fact that the output of operations may escape the buffer in memory. This allows an intruder to gain unauthorized access to protected information, execute arbitrary codes, or gain full control over the device.

The vulnerability of the microprogrammed software of the CMS8000 Patient Monitor and Epsimed MN-120 medical devices related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protecte...

The vulnerability of the Apache HTTP Server’s kernel allows attackers to gain unauthorized access to protected information.

The vulnerability of the Apache HTTP Server’s kernel is related to the use of outdated configuration settings for handlers. Exploiting this vulnerability can allow a remote attacker to gain unauthorized access to protected information...

The vulnerability of the gp_aux_bus_probe() function in Microchip’s Linux-based PCI1XXXX driver allows a hacker to compromise the accessibility of protected information.

The vulnerability of the gpauxbusprobe function in the drivers/misc/mchpPCI1XXXX/ mchpPCI1XXXXgp.c file of the Microchip PCI1XXXX driver for the Linux operating system is related to the re-liberation of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise t...

PT-2024-7447 · Sap · Sap Landscape Management

Name of the Vulnerable Software and Affected Versions: SAP Landscape Management affected versions not specified Description: The issue is related to the REST Provider Definition response in SAP Landscape Management, which allows an authenticated user to read confidential data. This can cause a hi...

The vulnerability of Intel microprogramming software, related to the leakage of information from vector registers, allows attackers to gain access to protected information.

The vulnerability of Intel microprogramming software is related to the leakage of information from vector registers. Exploiting this vulnerability can allow an attacker to gain access to protected information...

The vulnerability of the XWiki platform, caused by deficiencies in the authentication process, allows unauthorized users to gain access to protected information.

The vulnerability of the XWiki platform stems from deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the IBM Security Directory Server software lies in the improper limitation of XML references to external objects. This allows attackers to influence the confidentiality and accessibility of the protected information.

The vulnerability of the IBM Security Directory Server data storage and management software is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability could allow an attacker to influence the confidentiality and accessibility of the protected information...

The vulnerability of the nf_conntrack_dccp_packet() function in the net/netfilter/nf_conntrack_proto_dccp.c module of the Linux operating system allows a hacker to gain access to protected information.

The vulnerability of the nfconntrackdccppacket function in the net/netfilter/nfconntrackprotodccp.c module of the Linux kernel is related to the escape of allocated memory from the protected area. Exploiting this vulnerability can allow an attacker to gain access to protected information...

PT-2023-6635 · Google +3 · Google Chrome +3

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 119.0.6045.105 Description: The issue is related to an inappropriate implementation in the Downloads component of Google Chrome, which allowed a remote attacker to obfuscate security UI via a crafted HTML page...

The vulnerability of the IBM Robotic Process Automation software lies in the insufficient protection of registration data, allowing attackers to gain access to protected information.

The vulnerability of the IBM Robotic Process Automation software lies in the insufficient protection of registration data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to protected information...

PT-2023-9656 · Autodesk · Autodesk Autocad

Name of the Vulnerable Software and Affected Versions: Autodesk AutoCAD affected versions not specified Description: The issue arises from a boundary error when processing files, allowing a malicious actor to potentially gain unauthorized access to protected information, execute arbitrary code, o...