182 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-2201
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In generatejsimdyccrgbconvertneon of jsimdarm64neon.S, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code...
CVE-2017-13323
In String16 of String16.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2018-9472
In xmlMemStrdupLoc of xmlmemory.c, there is a possible out-of-bounds write due to an integer overflow. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2018-9472
In xmlMemStrdupLoc of xmlmemory.c, there is a possible out-of-bounds write due to an integer overflow. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2018-9472
In xmlMemStrdupLoc of xmlmemory.c, there is a possible out-of-bounds write due to an integer overflow. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for exploitation...
NVIDIA CUDA toolkit 缓冲区错误漏洞
The NVIDIA CUDA toolkit is a toolkit from NVIDIA, Inc. It provides a development environment for creating high-performance GPU-accelerated applications. The NVIDIA CUDA toolkit suffers from a buffer error vulnerability that originates from the possibility that a user may cause a crash by passing ...
Double free
In Confirmation of keystorecliv2.cpp, there is a possible way to corrupt memory due to a double free. This could lead to local escalation of privilege in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersion...
PUB-A-226234140
In Confirmation of keystorecliv2.cpp, there is a possible way to corrupt memory due to a double free. This could lead to local escalation of privilege in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation...
K67416037: Linux kernel vulnerability CVE-2021-23133
Security Advisory Description A race condition in Linux kernel SCTP sockets net/sctp/socket.c before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctpdestroysock is called without socknetsk-sctp.addrwqlock then an element is...
SUSE CVE-2017-0478
A remote code execution vulnerability in the Framesequence library could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses t...
SUSE CVE-2022-22750
By generally accepting and passing resource handles across processes, a compromised content process might have confused higher privileged processes to interact with handles that the unprivileged process should not have access to.This bug only affects Firefox for Windows and MacOS. Other operating...
Path traversal
OpenHarmony-v3.1.2 and prior versions had an Multiple path traversal vulnerability in appspawn and nwebspawn services. Local attackers can create arbitrary directories or escape application sandbox.If chained with other vulnerabilities it would allow an unprivileged process to gain full root...
CVE-2022-42464 Kernel memory pool override in /dev/mmz_userdev device driver. The impact depends on the privileges of the attacker. The unprivileged process run on the device could disclose sensitive information including kernel pointer, which could be used in furth ...
OpenHarmony-v3.1.2 and prior versions, 3.0.6 and prior versions have a Kernel memory pool override vulnerability in /dev/mmzuserdev device driver. The impact depends on the privileges of the attacker. The unprivileged process run on the device could disclose sensitive information including kernel...
FreeBSD-SA-22:11.vm
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-22:11.vm Security Advisory The FreeBSD Project Topic: Memory disclosure by stale virtual memory mapping Category: core Module: vm Announced: 2022-08-09 Credits:...
FreeBSD -- Memory disclosure by stale virtual memory mapping
Problem Description: A particular case of memory sharing is mishandled in the virtual memory system. This is very similar to SA-21:08.vm, but with a different root cause. Impact: An unprivileged local user process can maintain a mapping of a page after it is freed, allowing that process to read...
Debian DLA-3037-1 : libjpeg-turbo - LTS security update
The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-3037 advisory. Several integer overflows have been discovered in TurboJPEG, a JPEG image library, which can lead to a denial of service application crash if someone attempts to compress o...
CVE-2021-24038
Due to a bug with management of handles in OVRServiceLauncher.exe, an attacker could expose a privileged process handle to an unprivileged process, leading to local privilege escalation. This issue affects Oculus Desktop versions after 1.39 and prior to 31.1.0.67.507...
Privilege escalation
Due to a bug with management of handles in OVRServiceLauncher.exe, an attacker could expose a privileged process handle to an unprivileged process, leading to local privilege escalation. This issue affects Oculus Desktop versions after 1.39 and prior to 31.1.0.67.507...
SUSE SLES12 Security Update : kernel (Live Patch 13 for SLE 12 SP5) (SUSE-SU-2021:2453-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2453-1 advisory. This update for the Linux Kernel 4.12.14-12254 fixes several issues. The following security issues were fixed: - CVE-2021-0512: Fixed a possibl...
SUSE SLES15 Security Update : kernel (Live Patch 7 for SLE 15 SP2) (SUSE-SU-2021:2387-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2387-1 advisory. This update for the Linux Kernel 5.3.18-2437 fixes several issues. The following security issues were fixed: - CVE-2021-0512: Fixed a possible...