AZL-6561 CVE-2021-33033 affecting package kernel for versions less than 5.10.78.1-1

The Linux kernel before 5.11.14 has a use-after-free in cipsov4genopt in net/ipv4/cipsoipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd. This leads to writing an arbitrary value...

AZL-6562 CVE-2021-33034 affecting package kernel for versions less than 5.10.78.1-1

In the Linux kernel before 5.12.4, net/bluetooth/hcievent.c has a use-after-free when destroying an hcichan, aka CID-5c4c8c954409. This leads to writing an arbitrary value...

DEBIAN-CVE-2021-33034

In the Linux kernel before 5.12.4, net/bluetooth/hcievent.c has a use-after-free when destroying an hcichan, aka CID-5c4c8c954409. This leads to writing an arbitrary value...

UBUNTU-CVE-2021-33034

In the Linux kernel before 5.12.4, net/bluetooth/hcievent.c has a use-after-free when destroying an hcichan, aka CID-5c4c8c954409. This leads to writing an arbitrary value...

impacket 路径遍历漏洞

impacket is a software application. A collection of Python classes for handling network protocols. A security vulnerability exists in Impacket versions prior to 0.9.22, which stems from a multiple path traversal vulnerability in smbserver.py. An attacker could exploit this vulnerability to... Lis...

CVE-2021-1769

CVE-2021-1769 describes a logic issue in macOS/iOS/watchOS/tvOS/iPadOS components where improved validation fixes allow bypassing Pointer Authentication. The vulnerability is triggered by a malicious attacker with arbitrary read/write capabilities and results in potential bypass of Pointer Authen...

CVE-2021-22712

Schneider Electric IGSS Def.exe (Definition) has a CWE-119 buffer bounds vulnerability in V15.0.0.21041 and earlier, allowing arbitrary read/write via parsing a malicious CGF file due to an unchecked pointer address. ZDI reports remote code execution with user interaction required (visit a malici...

Command Execution Vulnerability in PHP Simple Auto Card Issuing Platform Personal Edition

PHP simple automatic card issuance platform personal version is the use of php mysql for the development of automatic card payment platform. The platform backend has an arbitrary write configuration file vulnerability that leads to command execution. PHP Simple Automatic Card Issuance Platform...

VulnCheck KEV: CVE-2017-16238

Tgsoft Vir.itexplorer arbitrary write kernel vulnerability via 0x82730080 ioctls...

CVE-2020-11179

Arbitrary read and write to kernel addresses by temporarily overwriting ring buffer pointer and creating a race condition. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...

Gotenberg Directory Traversal Vulnerability

Gotenberg is a Docker-powered stateless API for converting HTML, Markdown and Office documents to PDF. A directory traversal vulnerability exists in the file upload functionality of Gotenberg 6.2.1 and earlier. An attacker could use this vulnerability to upload and overwrite arbitrary writable...

CVE-2020-27172

An issue was discovered in G-Data before 25.5.9.25 using Symbolic links, it is possible to abuse the infected-file restore mechanism to achieve arbitrary write that leads to elevation of privileges...

CVE-2020-27172

An issue was discovered in G-Data before 25.5.9.25 using Symbolic links, it is possible to abuse the infected-file restore mechanism to achieve arbitrary write that leads to elevation of privileges...

Memory corruption

An arbitrary memory write vulnerability in Asylo versions up to 0.6.0 allows an untrusted attacker to make a call to ecallrestore using the attribute output which fails to check the range of a pointer. An attacker can use this pointer to write to arbitrary memory addresses including those within...

EulerOS Virtualization 3.0.6.6 : kernel (EulerOS-SA-2020-2443)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - btrfsrootnode in fs/btrfs/ctree.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because...

CVE-2020-9910

Multiple issues were addressed with improved logic. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A malicious attacker with arbitrary read and write capability may be able t...

CVE-2020-13995

U.S. Air Force Sensor Data Management System extract75 has a buffer overflow that leads to code execution. An overflow in a global variable sBuffer leads to a Write-What-Where outcome. Writing beyond sBuffer will clobber most global variables until reaching a pointer such as DESinfo or imageinfo...

EulerOS 2.0 SP5 : kernel (EulerOS-SA-2020-1920)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In calcvmmayflags of ashmem.c, there is a possible arbitrary write to shared memory due to a permissions bypass. This could lead to local...

QEMU <= 4.1.0 Arbitrary Write Vulnerability

QEMU is prone to an arbitrary write vulnerability. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2016-7063

A flaw was found in pritunl-client before version 1.0.1116.6. Arbitrary write to user specified path may lead to privilege escalation...