13470 matches found
Cross site scripting
Jenkins JUnit Plugin 1159.v0b396e1e07dd and earlier converts HTTPS URLs in test report output to clickable links in an unsafe manner, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
CVE-2022-3461
In PHOENIX CONTACT Automationworx Software Suite up to version 1.89 manipulated PC Worx or Config+ files could lead to a heap buffer overflow and a read access violation. Availability, integrity, or confidentiality of an application programming workstation might be compromised by attacks using...
Heap overflow
In PHOENIX CONTACT Automationworx Software Suite up to version 1.89 manipulated PC Worx or Config+ files could lead to a heap buffer overflow and a read access violation. Availability, integrity, or confidentiality of an application programming workstation might be compromised by attacks using...
Security Vulnerabilities fixed in Firefox 107 — Mozilla
Service Workers should not be able to infer information about opaque cross-origin responses; but timing information for cross-origin media combined with Range requests might have allowed them to determine the presence or length of a media file. Through a series of popup and window.print calls, an...
GSD-2022-1007651 drivers: serial: jsm: fix some leaks in probe
drivers: serial: jsm: fix some leaks in probe This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.331 by commit...
GSD-2022-1007605 ext4: fix null-ptr-deref in ext4_write_info
ext4: fix null-ptr-deref in ext4writeinfo This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.296 by commit...
GSD-2022-1007555 fbdev: smscufx: Fix several use-after-free bugs
fbdev: smscufx: Fix several use-after-free bugs This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.298 by commit...
GSD-2022-1007552 x86/unwind/orc: Fix unreliable stack dump with gcov
x86/unwind/orc: Fix unreliable stack dump with gcov This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.298 by commit...
GSD-2022-1007425 mISDN: fix use-after-free bugs in l1oip timer handlers
mISDN: fix use-after-free bugs in l1oip timer handlers This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.220 by commit...
GSD-2022-1007357 iommu/vt-d: Clean up si_domain in the init_dmars() error path
iommu/vt-d: Clean up sidomain in the initdmars error path This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.221 by commit...
GSD-2022-1007296 selftests/xsk: Avoid use-after-free on ctx
selftests/xsk: Avoid use-after-free on ctx This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.150 by commit...
GSD-2022-1007283 drm/omap: dss: Fix refcount leak bugs
drm/omap: dss: Fix refcount leak bugs This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.150 by commit...
GSD-2022-1007263 tty: serial: fsl_lpuart: disable dma rx/tx use flags in lpuart_dma_shutdown
tty: serial: fsllpuart: disable dma rx/tx use flags in lpuartdmashutdown This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.150 by commit...
GSD-2022-1007247 x86/entry: Work around Clang __bdos() bug
x86/entry: Work around Clang bdos bug This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.150 by commit...
GSD-2022-1007227 kselftest/arm64: Fix validatation termination record after EXTRA_CONTEXT
kselftest/arm64: Fix validatation termination record after EXTRACONTEXT This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.150 by commit...
GSD-2022-1007153 wifi: mac80211: fix crash in beacon protection for P2P-device
wifi: mac80211: fix crash in beacon protection for P2P-device This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.74 by commit...
GSD-2022-1007140 arm64: mte: move register initialization to C
arm64: mte: move register initialization to C This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.76 by commit...
GSD-2022-1007121 jbd2: add miss release buffer head in fc_do_one_pass()
jbd2: add miss release buffer head in fcdoonepass This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.75 by commit...
GSD-2022-1007016 media: cx88: Fix a null-ptr-deref bug in buffer_prepare()
media: cx88: Fix a null-ptr-deref bug in bufferprepare This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.75 by commit...
GSD-2022-1007007 HID: roccat: Fix use-after-free in roccat_read()
HID: roccat: Fix use-after-free in roccatread This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.75 by commit...