1204 matches found
GSD-2022-1001102 io_uring: bump poll refs to full 31-bits
io_uring: bump poll refs to full 31-bits. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.2 by commit...
GSD-2022-1001091 KVM: x86/svm: Clear reserved bits written to PerfEvtSeln MSRs
KVM: x86/svm: Clear reserved bits written to PerfEvtSeln MSRs. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.3 by commit...
CVE-2022-27831
Improper boundary check in sflvd_rdbuf_bits of libsflvextractor prior to SMR Apr-2022 Release 1 allows attackers to read out of bounds memory...
Integer overflow
An integer overflow could occur when OpenEXR processes a crafted file on systems where size_t < 64 bits. This could cause an invalid bytesPerLine and maxBytesPerLine value, which could lead to problems with application stability or lead to other attack paths...
CVE-2021-45863
tsMuxer git-2678966 was discovered to contain a heap-based buffer overflow via the function HevcUnit::updateBits in hevc.cpp...
CVE-2021-45861
There is an Assertion `num <= INT_BIT' failed at BitStreamReader::skipBits in /bitStream.h:132 of tsMuxer git-c6a0277...
Microsoft Windows Background Intelligent Transfer Service Privilege Escalation (CVE-2020-0787)
A privilege escalation exists in Microsoft Windows Background Intelligent Transfer Service. Successful exploitation of this vulnerability would allow a remote attacker to gain unauthorized access to the affected system...
Microsoft Windows Background Intelligent Transfer Service (BITS) Improper Privilege Management Vulnerability
Microsoft Windows BITS is vulnerable to a privilege elevation vulnerability if it improperly handles symbolic links. An actor can exploit this vulnerability to execute arbitrary code with system-level privileges...
Apple macOS ImageIO DDS image out-of-bounds read vulnerability
Summary: An out-of-bounds read vulnerability exists in the DDS image parsing functionality of ImageIO library on Apple macOS Big Sur 11.6.1 and iOS 15.1. A specially-crafted DDS file can disclose sensitive memory content which can aid in exploitation of other vulnerabilities. An attacker can deliv...
Pip-Audit - Audits Python Environments And Dependency Trees For Known Vulnerabilities
pip-audit is a tool for scanning Python environments for packages with known vulnerabilities. It uses the Python Packaging Advisory Database (https://github.com/pypa/advisory-db) via the PyPI JSON API as a source of vulnerability reports. This project is developed by Trail of Bits with support from...
CVE-2021-22566 Incorrect mapping of Executable bits in Fuchsia Kernel
An incorrect setting of UXN bits within mmu_flags_to_s1_pte_attr led to privileged executable pages being mapped as executable from an unprivileged context. This can be leveraged by an attacker to bypass executability restrictions of kernel-mode pages from user-mode. An incorrect setting of PXN bits...
Scemu - X86 32bits Emulator, For Securely Emulating Shellcodes
x86 32bits emulator, for securely emulating shellcodes. Features: Rust safety, good for malware; all dependencies are in Rust; zero unsafe blocks; very fast emulation, much faster than unicorn (3,000,000 instructions/second; 100,000 instructions/second printing every instruction, -vv); powered by...
GHSA-GP6J-VX54-5PMF Incorrect validation of parties IDs leaks secret keys in Secret-sharing scheme
Summary: In the threshold signature scheme, participants start by dividing secrets into shares using a secret sharing scheme. The Verifiable Secret Sharing scheme generates shares from the user’s IDs but does not properly validate them. Using a malicious ID will make other users reveal their secre...
GSD-2021-1002500 xhci: Fix command ring abort, write all 64 bits to CRCR register.
xhci: Fix command ring abort, write all 64 bits to CRCR register. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.84 by commit...
CVE-2021-43533
When parsing internationalized domain names, high bits of the characters in the URLs were sometimes stripped, resulting in inconsistencies that could lead to user confusion or attacks such as phishing. This vulnerability affects Firefox 94...
UBUNTU-CVE-2021-43533
When parsing internationalized domain names, high bits of the characters in the URLs were sometimes stripped, resulting in inconsistencies that could lead to user confusion or attacks such as phishing. This vulnerability affects Firefox 94...
A vulnerability in the Target Row Refresh (TRR) internal protection mechanism of DRAM devices (PC-DDR4, LPDDR4X) allows attackers to escalate their privileges.
The vulnerability in the Target Row Refresh (TRR) internal protection mechanism of DRAM devices (PC-DDR4, LPDDR4X) relates to the possibility of manipulating the contents of individual memory bits through cyclic reading from memory cells. Exploiting this vulnerability can allow an attacker to...
UBUNTU-CVE-2021-3911
If the ROA that a repository returns contains too many bits for the IP address then OctoRPKI will crash...
AMD CPUs Injection Vulnerability
AMD CPUs is a GPU component from AMD USA. AMD CPUs suffers from an injection vulnerability that stems from the CPU temporarily performing a non-canonical load using only the lower 48 address bits. An attacker could use this vulnerability to access sensitive information on an unauthorized system...