CVE-2023-33064

Transient DOS in Audio when invoking callback function of ASM driver...

Design/Logic Flaw

Transient DOS in Audio when invoking callback function of ASM driver...

Qualcomm Chipsets Security Vulnerability

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from a denial of service issue in the audio when calling the callback function of the ASM driver...

CVE-2023-43570

The CVE-2023-43570 entry involves the OemSmi driver, specifically its SMI callback function, where a local attacker with elevated privileges could execute arbitrary code. Documents consistently identify the vulnerable component as the OemSmi driver’s SMI callback, indicating local privilege escal...

CVE-2023-43570

A potential vulnerability was reported in the SMI callback function of the OemSmi driver that may allow a local attacker with elevated permissions to execute arbitrary code...

CVE-2023-33055

Memory Corruption in Audio while invoking callback function in driver from ADSP...

CVE-2023-33055

CVE-2023-33055 corresponds to memory corruption in Qualcomm audio when a callback in the driver is invoked from the ADSP. The record shows a local attack vector with low privileges and no user interaction, and a high impact on confidentiality, integrity, and availability (CVSS v3.1: AV=L/AC=L/PR=...

CVE-2023-33055 Buffer Copy Without Checking Size of Input in Audio

Memory Corruption in Audio while invoking callback function in driver from ADSP...

OESA-2023-1759 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnlosfaddcallback function did not validate the user mode controlled optnum field. This flaw allows a local privileged CAPNETADMIN attacker to trigger an...

AZL-31267 CVE-2023-39189 affecting package kernel for versions less than 5.15.135.1-2

A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnlosfaddcallback function did not validate the user mode controlled optnum field. This flaw allows a local privileged CAPNETADMIN attacker to trigger an out-of-bounds read, leading to a crash or information disclosure...

Linux kernel buffer error vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the nfnlosfaddcallback function failing to validate the optnum field of the user mode control. An attacker...

Memory corruption

Memory corruption while invoking callback function of AFE from ADSP...

CVE-2023-34823

fdkaac before 1.0.5 was discovered to contain a stack overflow in readcallback function in src/main.c...

PT-2023-35848 · Hdf5 · Hdf5

Name of the Vulnerable Software and Affected Versions: HDF5 affected versions not specified Description: A heap buffer overflow read issue has been identified. The crash state includes functions such as H5MM xstrdup, H5G ent to link, and H5G stab lookup cb. Recommendations: At the moment, there i...

ERC777 Re-entrancy Risk

Lines of code Vulnerability details Impact The code does not screen out for tokens that use the erc777 standard and therefore presents a re-entrancy risk via the token's callback function Proof of Concept Tools Used Manual Recommended Mitigation Steps Add in re-entrancy lock to function --- The...

CVE-2023-1919

The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the wpfcpreloadsinglesavesettingscallback function. This makes it possible for unauthenticated attackers to change...

CVE-2023-0441

The Gallery Blocks with Lightbox WordPress plugin before 3.0.8 has an AJAX endpoint that can be accessed by any authenticated users, such as subscriber. The callback function allows numerous actions, the most serious one being reading and updating the WordPress options which could be used to enab...

Default credentials

The Gallery Blocks with Lightbox WordPress plugin before 3.0.8 has an AJAX endpoint that can be accessed by any authenticated users, such as subscriber. The callback function allows numerous actions, the most serious one being reading and updating the WordPress options which could be used to enab...

CVE-2021-3674

A flaw was found in rizin. The createsectionfromphdr function allocates space for ELF section data by processing the headers. Crafted values in the headers can cause out of bounds reads, which can lead to memory corruption and possibly code execution through the binary object's callback function...

Memory corruption

A flaw was found in rizin. The createsectionfromphdr function allocates space for ELF section data by processing the headers. Crafted values in the headers can cause out of bounds reads, which can lead to memory corruption and possibly code execution through the binary object's callback function...