125 matches found
CVE-2018-1000660
TOCK version prior to commit 42f7f36e74088036068d62253e1d8fb26605feed. For example dfde28196cd12071fcf6669f7654be7df482b85d contains a Insecure Permissions vulnerability in Function getpackagename in the file kernel/src/tbfheader.rs, variable "pub packagename: &'static str," in the file process.r...
CVE-2018-14713
Format string vulnerability in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to read arbitrary sections of memory and CPU registers via the "hook" URL parameter...
CVE-2025-0478 GPU DDK - PMMETA_PROTECT PMR can be exported as dma-buf file / GEM object
Software installed and run as a non-privileged user may conduct improper GPU system calls to issue reads and writes to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kerne...
Imagination GPU Driver 安全漏洞
Imagination GPU Driver is a graphics driver from Imagination. A security vulnerability exists in Imagination GPU Driver that stems from improper GPU system calls that could result in reading and writing arbitrary physical memory pages...
Linux Distros Unpatched Vulnerability : CVE-2014-4616
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Array index error in the scanstring function in the json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read...
CVE-2025-20887
Out-of-bounds read in accessing table used for svp8t in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to read arbitrary memory. User interaction is required for triggering this vulnerability...
CVE-2025-20887
Out-of-bounds read in accessing table used for svp8t in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to read arbitrary memory. User interaction is required for triggering this vulnerability...
CVE-2025-20889
Out-of-bounds read in decoding malformed bitstream for smp4vtd in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to read arbitrary memory. User interaction is required for triggering this vulnerability...
CVE-2025-20887
Out-of-bounds read in accessing table used for svp8t in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to read arbitrary memory. User interaction is required for triggering this vulnerability...
PT-2024-9699 · Microsoft +4 · Edge +5
Name of the Vulnerable Software and Affected Versions: Chromium versions prior to 131.0.6778.204 Google Chrome versions prior to 131.0.6778.204 Microsoft Edge affected versions not specified Description: A vulnerability exists in the V8 JavaScript engine used by Google Chrome and Microsoft Edge...
Important: postgresql
Issue Overview: Certain aggregate function calls receiving "unknown"-type arguments could disclose bytes of server memory from the end of the "unknown"-type value to the next zero byte. One typically gets an "unknown"-type value via a string literal having no type designation. We have not confirm...
EulerOS 2.0 SP11 : shim (EulerOS-SA-2023-2301)
According to the versions of the shim package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an...
NVIDIA Jetson 安全漏洞
NVIDIA Jetson is an embedded system development module from NVIDIA. NVIDIA Jetson suffers from a security vulnerability that originates from the initialization of the PCIe controller without an IOMMU, which can be exploited by an attacker to read and write arbitrary memory, and successful...
Design/Logic Flaw
AMI BMC contains a vulnerability in the SPX REST API, where an attacker with the required privileges can read and write to arbitrary locations within the memory context of the IPMI server process, which may lead to code execution, denial of service, information disclosure, or data tampering...
git: gitattributes parsing integer overflow
A flaw was found in Git, a distributed revision control system. When parsing gitattributes, a mechanism to allow defining attributes for paths, multiple integer overflows can occur when there is a huge number of path patterns, attributes for a single pattern, or declared attribute names. These...
CVE-2020-13495
An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles file offsets in binary USD files. A specially crafted malformed file can trigger an arbitrary out-of-bounds memory access that could lead to the disclosure of sensitive information. This vulnerability could be used to bypa...
Samsung SMR 缓冲区错误漏洞
SAMSUNG SMR is a system patch package from the South Korean company Samsung SAMSUNG. It provides patches for Samsung mobile applications. Samsung SMR suffers from a buffer error vulnerability that stems from a lack of input validation prior to TIMA trustlet memory copying, allowing an attacker to...
FreeBSD : libpano13 -- arbitrary memory access through format string vulnerability (15e74795-0fd7-11ec-9f2e-dca632b19f10)
libpano13 developers reports : Fix crash and security issue caused by malformed filename prefix %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-2021 Jacques Vidrine and...
Improper access control
An arbitrary memory access vulnerability in the EPA protocol of Dut Computer Control Engineering Co.'s PLC MAC1100 allows attackers to read the contents of any variable area...
CVE-2020-18756
The CVE-2020-18756 entry describes an arbitrary memory access vulnerability in the EPA protocol of Dut Computer Control Engineering Co.’s MAC1100 PLC. The root cause is a memory access flaw that allows an attacker to read the contents of any variable area within the device. Impact is read-access ...