Lucene search
+L

286 matches found

BDU FSTEC
BDU FSTEC
added 2023/01/04 12:0 a.m.7 views

The vulnerability of the Mali graphics processor driver, based on architectures such as Midgard, Bifrost, and Valhall, relates to the use of memory after it is freed. This allows a hacker to cause a service failure.

The vulnerability of Mali graphics processor drivers based on Midgard, Bifrost, and Valhall architectures is related to the use of memory after it is freed. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

10CVSS8AI score0.12588EPSS
Exploits4References4
Positive Technologies
Positive Technologies
added 2022/12/12 12:0 a.m.4 views

PT-2022-26516 · Arm · Arm Mali Gpu Kernel Driver

Name of the Vulnerable Software and Affected Versions: Arm Mali GPU Kernel Driver versions Midgard r4p0 through r32p0 Arm Mali GPU Kernel Driver versions Bifrost r1p0 through r40p0 Arm Mali GPU Kernel Driver versions Valhall r19p0 through r40p0 Description: A use-after-free issue was discovered i...

8.8CVSS6.7AI score0.01255EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2022/12/09 12:0 a.m.4 views

PT-2022-6367 · Arm · Arm Mali Gpu Kernel Driver

Name of the Vulnerable Software and Affected Versions: Arm Mali GPU Kernel Driver versions Midgard r13p0 through r32p0 Arm Mali GPU Kernel Driver versions Bifrost r1p0 through r40p0 Arm Mali GPU Kernel Driver versions Valhall r19p0 through r40p0 Description: A non-privileged user can make imprope...

9CVSS9AI score0.00806EPSS
Exploits0References7
CNNVD
CNNVD
added 2022/11/08 12:0 a.m.6 views

ARM Midgard GPU Kernel Driver 安全漏洞

ARM Midgard GPU Kernel Driver is a Mali GPU device driver from ARM UK. A security vulnerability exists in the ARM Midgard GPU Kernel Driver versions r4p0 through r31p0, the Bifrost GPU Kernel Driver versions r0p0 through r38p1, r39p0, and the Valhall GPU Kernel Driver versions r19p0 through r38p1...

8.8CVSS7.8AI score0.00678EPSS
Exploits0References2
OSV
OSV
added 2022/10/25 7:15 p.m.1 views

CVE-2022-38181

The Arm Mali GPU kernel driver allows unprivileged users to access freed memory because GPU memory operations are mishandled. This affects Bifrost r0p0 through r38p1, and r39p0; Valhall r19p0 through r38p1, and r39p0; and Midgard r4p0 through r32p0...

8.8CVSS5.8AI score0.12588EPSS
Exploits4References6
Prion
Prion
added 2022/10/25 7:15 p.m.29 views

Design/Logic Flaw

The Arm Mali GPU kernel driver allows unprivileged users to access freed memory because GPU memory operations are mishandled. This affects Bifrost r0p0 through r38p1, and r39p0; Valhall r19p0 through r38p1, and r39p0; and Midgard r4p0 through r32p0...

6.5CVSS8.4AI score0.12588EPSS
Exploits4References5Affected Software3
Vulnrichment
Vulnrichment
added 2022/10/25 12:0 a.m.12 views

CVE-2022-38181

The Arm Mali GPU kernel driver allows unprivileged users to access freed memory because GPU memory operations are mishandled. This affects Bifrost r0p0 through r38p1, and r39p0; Valhall r19p0 through r38p1, and r39p0; and Midgard r4p0 through r32p0...

8.6AI score0.12588EPSS
Exploits4References5
ATTACKERKB
ATTACKERKB
added 2022/10/25 12:0 a.m.79 views

CVE-2022-38181

The Arm Mali GPU kernel driver allows unprivileged users to access freed memory because GPU memory operations are mishandled. This affects Bifrost r0p0 through r38p1, and r39p0; Valhall r19p0 through r38p1, and r39p0; and Midgard r4p0 through r32p0. Recent assessments: Assessed Attacker Value: 0...

8.8CVSS8.3AI score0.12588EPSS
In wildExploits4References6
Cvelist
Cvelist
added 2022/10/25 12:0 a.m.41 views

CVE-2022-38181

The Arm Mali GPU kernel driver allows unprivileged users to access freed memory because GPU memory operations are mishandled. This affects Bifrost r0p0 through r38p1, and r39p0; Valhall r19p0 through r38p1, and r39p0; and Midgard r4p0 through r32p0...

8.7AI score0.12588EPSS
Exploits4References5
BDU FSTEC
BDU FSTEC
added 2022/10/24 12:0 a.m.7 views

The vulnerability of the Bifrost data-synchronization software is related to deficiencies in the authentication process, which allows attackers to elevate their privileges.

The vulnerability of the Bifrost data-synchronization software is related to deficiencies in the authentication process. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain increased privileges...

9CVSS7.6AI score0.00727EPSS
Exploits0References2Affected Software1
Veracode
Veracode
added 2022/10/20 5:15 a.m.15 views

Authentication Bypass

github.com/brokercap/bifrost is vulnerable to authentication bypass. The vulnerability exists in multiple functions of ajax.js because of removing the X-Requested-With: XMLHttpRequest field from the request header which allows an attacker to bypass permission using HTTP basic authentication...

8.8CVSS8.5AI score0.00727EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2022/10/19 1:15 p.m.45 views

CVE-2022-39267

Bifrost is a heterogeneous middleware that synchronizes MySQL, MariaDB to Redis, MongoDB, ClickHouse, MySQL and other services for production environments. Versions prior to 1.8.8-release are subject to authentication bypass in the admin and monitor user groups by deleting the X-Requested-With:...

8.8CVSS0.00727EPSS
Exploits0References2
Prion
Prion
added 2022/10/19 1:15 p.m.19 views

Authentication flaw

Bifrost is a heterogeneous middleware that synchronizes MySQL, MariaDB to Redis, MongoDB, ClickHouse, MySQL and other services for production environments. Versions prior to 1.8.8-release are subject to authentication bypass in the admin and monitor user groups by deleting the X-Requested-With:...

6.5CVSS8.8AI score0.00727EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2022/10/19 12:0 a.m.5 views

Bifrost 授权问题漏洞

Bifrost is brokercap individual developers for production environments for MySQL, MariaDB synchronization to Redis, ClickHouse, Elasticsearch and other services, heterogeneous middleware . A security vulnerability exists in Bifrost versions prior to 1.8.8. An attacker exploiting this vulnerabilit...

8.8CVSS7.9AI score0.00727EPSS
Exploits0References3
Cvelist
Cvelist
added 2022/10/19 12:0 a.m.40 views

CVE-2022-39267 Brokercap Bifrost vulnerable to authentication bypass for admin and monitor user groups

Bifrost is a heterogeneous middleware that synchronizes MySQL, MariaDB to Redis, MongoDB, ClickHouse, MySQL and other services for production environments. Versions prior to 1.8.8-release are subject to authentication bypass in the admin and monitor user groups by deleting the X-Requested-With:...

8.8CVSS9AI score0.00727EPSS
Exploits0References2
OSV
OSV
added 2022/10/19 12:0 a.m.29 views

CVE-2022-39267 Brokercap Bifrost vulnerable to authentication bypass for admin and monitor user groups

Bifrost is a heterogeneous middleware that synchronizes MySQL, MariaDB to Redis, MongoDB, ClickHouse, MySQL and other services for production environments. Versions prior to 1.8.8-release are subject to authentication bypass in the admin and monitor user groups by deleting the X-Requested-With:...

8.8CVSS8.5AI score0.00727EPSS
Exploits0References4
CVE
CVE
added 2022/10/19 12:0 a.m.73 views

CVE-2022-39267

CVE-2022-39267 affects Bifrost, a middleware that synchronizes MySQL/MariaDB to Redis, MongoDB, ClickHouse, and other services. The vulnerability occurs in versions prior to 1.8.8-release, where an attacker can bypass authentication in the admin and monitor user groups by removing the X-Requested...

8.8CVSS8.8AI score0.00727EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2022/10/18 7:57 p.m.28 views

Bifrost vulnerable to authentication check flaw that leads to authentication bypass

Impact The admin and monitor user groups need to be authenticated by username and password. If we delete the X-Requested-With: XMLHttpRequest field in the request header,the authentication will be bypassed. Patches https://github.com/brockercap/Bifrost/pull/201 Workarounds Upgrade to the latest...

8.8CVSS8.5AI score0.00727EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2022/10/18 7:57 p.m.19 views

GHSA-MXRX-FG8P-5P5J Bifrost vulnerable to authentication check flaw that leads to authentication bypass

Impact The admin and monitor user groups need to be authenticated by username and password. If we delete the X-Requested-With: XMLHttpRequest field in the request header,the authentication will be bypassed. Patches https://github.com/brockercap/Bifrost/pull/201 Workarounds Upgrade to the latest...

8.8CVSS8.7AI score0.00727EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2022/10/18 12:0 a.m.3 views

PT-2022-5183 · Bifrost · Bifrost

Name of the Vulnerable Software and Affected Versions: Bifrost versions prior to 1.8.8-release Description: The issue is related to authentication bypass in the admin and monitor user groups. This can be achieved by deleting the X-Requested-With: XMLHttpRequest field in the request header. There...

9CVSS7.5AI score0.00727EPSS
Exploits0References9
Rows per page
Query Builder