794 matches found
CVE-2022-32491
Dell Client BIOS contains a Buffer Overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by manipulating an SMI to cause an arbitrary write during SMM...
CVE-2022-32491
Dell Client BIOS contains a Buffer Overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by manipulating an SMI to cause an arbitrary write during SMM...
CVE-2022-40246 Arbitrary write vulnerability in SbPei module leads to arbitrary code execution during PEI phase.
A potential attacker can write one byte by arbitrary address at the time of the PEI phase only during S3 resume boot mode and influence the subsequent boot stages. This can lead to the mitigations bypassing, physical memory contents disclosure, discovery of any secrets from any Virtual Machines V...
CVE-2022-40246 Arbitrary write vulnerability in SbPei module leads to arbitrary code execution during PEI phase.
A potential attacker can write one byte by arbitrary address at the time of the PEI phase only during S3 resume boot mode and influence the subsequent boot stages. This can lead to the mitigations bypassing, physical memory contents disclosure, discovery of any secrets from any Virtual Machines V...
DEBIAN-CVE-2021-40647
In man2html 1.6g, a specific string being read in from a file will overwrite the size parameter in the top chunk of the heap. This at least causes the program to segmentation abort if the heap size parameter isn't aligned correctly. In version before GLIBC version 2.29 and aligned correctly, it...
CVE-2021-40647
In man2html 1.6g, a specific string being read in from a file will overwrite the size parameter in the top chunk of the heap. This at least causes the program to segmentation abort if the heap size parameter isn't aligned correctly. In version before GLIBC version 2.29 and aligned correctly, it...
UBUNTU-CVE-2021-40647
In man2html 1.6g, a specific string being read in from a file will overwrite the size parameter in the top chunk of the heap. This at least causes the program to segmentation abort if the heap size parameter isn't aligned correctly. In version before GLIBC version 2.29 and aligned correctly, it...
Heap overflow
In man2html 1.6g, a specific string being read in from a file will overwrite the size parameter in the top chunk of the heap. This at least causes the program to segmentation abort if the heap size parameter isn't aligned correctly. In version before GLIBC version 2.29 and aligned correctly, it...
CVE-2021-40647
In man2html 1.6g, a specific string being read in from a file will overwrite the size parameter in the top chunk of the heap. This at least causes the program to segmentation abort if the heap size parameter isn't aligned correctly. In version before GLIBC version 2.29 and aligned correctly, it...
CVE-2021-40647
In man2html 1.6g, a specific string being read in from a file will overwrite the size parameter in the top chunk of the heap. This at least causes the program to segmentation abort if the heap size parameter isn't aligned correctly. In version before GLIBC version 2.29 and aligned correctly, it...
Input validation
An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser from Google, an American company. A memory misreference vulnerability exists in Google Chrome Media, which can be exploited by an attacker to perform arbitrary read/write operations via specially crafted HTML pages...
CVE-2022-36991
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 and related NetBackup products. An attacker with authenticated access to a NetBackup Client could arbitrarily write content to a partially controlled path o...
CVE-2022-36991
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 and related NetBackup products. An attacker with authenticated access to a NetBackup Client could arbitrarily write content to a partially controlled path o...
CVE-2022-36991
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 and related NetBackup products. An attacker with authenticated access to a NetBackup Client could arbitrarily write content to a partially controlled path o...
Veritas NetBackup 安全漏洞
Veritas NetBackup is a storage service from Veritas, Inc. that is used to provide backup and recovery capabilities for enterprise environments. The software supports the detection of ransomware and backup protection of environmental data such as metadata and virtual environments. A security...
Global overflow in pppdump leads to RCE
Global overflow vulnerability in pppdump A global overflow vulnerability is present in the pppdump utility of the ppp repo which may lead to code execution. Specifically when the -p flag is given for enabling the pppmodeon the pppdump command, a malicious crafted pppdump file can trigger a global...
SUSE: Security Advisory (SUSE-SU-2022:2057-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for u-boot (SUSE-SU-2022:2056-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE-SU-2022:2057-1 Security update for u-boot
This update for u-boot fixes the following issues: - A large buffer overflow could have lead to a denial of service in the IP Packet deframentation code. CVE-2022-30552, bsc1200363 - A Hole Descriptor Overwrite could have lead to an arbitrary out of bounds write primitive. CVE-2022-30790, bsc1200...