788 matches found

Cvelist
added 2025/01/31 3:7 a.m. · 13 views

CVE-2024-46974 GPU DDK - Arbitrary write of read-only dmabuf

Software installed and run as a non-privileged user may conduct improper read/write operations on imported/exported DMA buffers...

EPSS 0.00147
Exploits 0 · References 1
SUSE CVE
added 2025/01/16 4:8 a.m. · 1 view

SUSE CVE-2024-12087

A path traversal vulnerability exists in rsync. It stems from behavior enabled by the --inc-recursive option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the --inc-recursive option, a lack of proper...

CVSS 8.8 · AI score 8.7 · EPSS 0.02224
Exploits 1 · References 25
OSV
added 2025/01/07 12:15 p.m. · 9 views

CVE-2024-12425

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in The Document Foundation LibreOffice allows Absolute Path Traversal. An attacker can write to arbitrary locations, albeit suffixed with ".ttf", by supplying a file in a format that supports embedded font...

CVSS 3.3 · AI score 6.7 · EPSS 0.00294
Exploits 0 · References 2
OSV
added 2025/01/07 12:15 p.m. · 0 views

UBUNTU-CVE-2024-12425

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in The Document Foundation LibreOffice allows Absolute Path Traversal. An attacker can write to arbitrary locations, albeit suffixed with ".ttf", by supplying a file in a format that supports embedded font...

CVSS 3.3 · AI score 5.9 · EPSS 0.00294
Exploits 0 · References 4
CNNVD
added 2025/01/06 12:0 a.m. · 3 views

ASUS System Analysis IO security vulnerability

ASUS System Analysis IO is a module in a diagnostic software from Asus China. A security vulnerability exists in ASUS System Analysis IO version 1.0.0, which stems from a problem with the AsusSAIO.sys component that allows an attacker to perform arbitrary read and write operations by supplying a...

CVSS 5.3 · AI score 6.7 · EPSS 0.00232
Exploits 0 · References 4
Positive Technologies
added 2025/01/01 12:0 a.m. · 2 views

PT-2025-37973

Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: The Linux kernel contains a vulnerability in the atmtcp subsystem that could allow for arbitrary write access. Specifically, the issue resides within the atmtcp recv control function and...

CVSS 7.8 · AI score 6.5 · EPSS 0.00157
Exploits 0
Positive Technologies
added 2024/12/28 12:0 a.m. · 3 views

PT-2024-30631 · Imagination Technologies · Graphics Ddk

Name of the Vulnerable Software and Affected Versions: No specific software name or versions are mentioned in the provided descriptions. Description: The issue allows software installed and run as a non-privileged user to trigger the GPU kernel driver to write to arbitrary read-only system files...

CVSS 7.8 · AI score 6.9 · EPSS 0.00142
Exploits 0 · References 8
OSV
added 2024/11/20 8:15 p.m. · 2 views

CVE-2024-48981

An issue was discovered in MBed OS 6.16.0. During processing of HCI packets, the software dynamically determines the length of the packet header by looking up the identifying first byte and matching it against a table of possible lengths. The initial parsing function, hciTrSerialRxIncoming does n...

CVSS 7.5 · AI score 6.2
Exploits 0 · References 2
OSV
added 2024/11/20 8:15 p.m. · 2 views

CVE-2024-48985

An issue was discovered in MBed OS 6.16.0. During processing of HCI packets, the software dynamically determines the length of the packet data by reading 2 bytes from the packet data. A buffer is then allocated to contain the entire packet, the size of which is calculated as the length of the...

CVSS 7.5 · AI score 6.2 · EPSS 0.00367
Exploits 0 · References 2
NVD
added 2024/11/20 8:15 p.m. · 22 views

CVE-2024-48985

An issue was discovered in MBed OS 6.16.0. During processing of HCI packets, the software dynamically determines the length of the packet data by reading 2 bytes from the packet data. A buffer is then allocated to contain the entire packet, the size of which is calculated as the length of the...

CVSS 7.5 · EPSS 0.00367
Exploits 0 · References 2
Vulnrichment
added 2024/11/20 12:0 a.m. · 10 views

CVE-2024-48981

An issue was discovered in MBed OS 6.16.0. During processing of HCI packets, the software dynamically determines the length of the packet header by looking up the identifying first byte and matching it against a table of possible lengths. The initial parsing function, hciTrSerialRxIncoming does n...

AI score 7.5 · EPSS 0.00347
Exploits 0 · References 2
CVE
added 2024/11/20 12:0 a.m. · 47 views

CVE-2024-48985

MBed OS 6.16.0 is affected by a buffer overflow in HCI packet processing. When reading the packet length from the first two bytes, the code allocates a buffer sized to the packet body plus header; if allocation fails due to an oversized packet, there is no proper error handling and hciTrSerialRxI...

CVSS 7.5 · AI score 7.3 · EPSS 0.00367
Exploits 0 · References 2 · Affected Software 1
Positive Technologies
added 2024/11/20 12:0 a.m. · 2 views

PT-2024-33310 · Arm · Mbed Os

Name of the Vulnerable Software and Affected Versions: MBed OS version 6.16.0 Description: An issue was discovered in the processing of HCI packets. The software dynamically determines the length of the packet header by looking up the identifying first byte and matching it against a table of...

CVSS 7.5 · AI score 7.6 · EPSS 0.00347
Exploits 0 · References 8
Cvelist
added 2024/11/20 12:0 a.m. · 21 views

CVE-2024-48981

An issue was discovered in MBed OS 6.16.0. During processing of HCI packets, the software dynamically determines the length of the packet header by looking up the identifying first byte and matching it against a table of possible lengths. The initial parsing function, hciTrSerialRxIncoming does n...

EPSS 0.00347
Exploits 0 · References 2
CVE
added 2024/11/20 12:0 a.m. · 49 views

CVE-2024-48981

Summary: MBed OS 6.16.0 contains a vulnerability in HCI packet processing. The code path that determines the packet header length during HCI input (function hciTrSerialRxIncoming) does not discard packets with invalid identifiers and does not set a safe default for unknown header lengths. This ca...

CVSS 7.5 · AI score 7.6 · EPSS 0.00347
Exploits 0 · References 2 · Affected Software 1
NVD
added 2024/11/19 8:15 p.m. · 16 views

CVE-2018-9368

In mtkscoaudio debugfs there is a possible arbitrary kernel memory write due to missing bounds check and weakened SELinux policies. This could lead to local escalation of privilege with system execution privileges needed. User interaction is not needed for exploitation...

CVSS 7.8 · EPSS 0.0009
Exploits 0 · References 1
Vulnrichment
added 2024/11/19 7:16 p.m. · 10 views

CVE-2018-9368

In mtkscoaudio debugfs there is a possible arbitrary kernel memory write due to missing bounds check and weakened SELinux policies. This could lead to local escalation of privilege with system execution privileges needed. User interaction is not needed for exploitation...

AI score 7.2 · EPSS 0.0009
Exploits 0 · References 1
RedHat Linux
added 2024/11/14 10:17 a.m. · 1 view

webkit: pointer authentication bypass

A vulnerability was found in Webkit. This flaw allows an attacker with arbitrary read and write capability to bypass pointer authentication...

CVSS 8.1 · AI score 5.8 · EPSS 0.00603
Exploits 0 · References 5
NVD
added 2024/10/25 11:15 a.m. · 11 views

CVE-2024-47013

In pmucalraehandleseqint of flexpmucalrae.c, there is a possible arbitrary write due to uninitialized data. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVSS 7.8 · EPSS 0.00074
Exploits 0 · References 1
Cvelist
added 2024/10/25 10:34 a.m. · 12 views

CVE-2024-47013

In pmucalraehandleseqint of flexpmucalrae.c, there is a possible arbitrary write due to uninitialized data. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

EPSS 0.00074
Exploits 0 · References 1