266 matches found
CVE-2024-45382 Liteos_a has an Out-of-bounds Write vulnerability
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS through out-of-bounds write...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a corrupted VP assist page that causes the program to crash...
CVE-2024-8612
A flaw was found in QEMU, in the virtio-scsi, virtio-blk, and virtio-crypto devices. The size for virtqueuepush as set in virtioscsicompletereq / virtioblkreqcomplete / viritocryptoreqcomplete could be larger than the true size of the data which has been sent to guest. Once virtqueuepush finally...
CVE-2024-29779
there is a possible escalation of privilege due to an unusual root cause. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-29779
there is a possible escalation of privilege due to an unusual root cause. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-29779
there is a possible escalation of privilege due to an unusual root cause. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
PT-2024-23021 · Google · Android
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a possible escalation of privilege due to an unusual root cause. This could lead to local escalation of privilege with no...
CVE-2024-39612 Background Task Manager has an out-of-bounds read permission bypass vulnerability
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through out-of-bounds Read...
PUB-A-336862373
there is a possible escalation of privilege due to an unusual root cause. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-44942
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on F2FSINLINEDATA flag in inode during GC syzbot reports a f2fs bug as below: ------------ cut here ------------ kernel BUG at fs/f2fs/inline.c:258! CPU: 1 PID: 34 Comm: kworker/u8:2 Not tainted...
Exploit for Integer Underflow (Wrap or Wraparound) in Microsoft
This is a PoC exploit for CVE-2024-38063, a 0-day vulnerability...
CVE-2022-48941
In the Linux kernel, the following vulnerability has been resolved: ice: fix concurrent reset and removal of VFs Commit c503e63200c6 "ice: Stop processing VF messages during teardown" introduced a driver state flag, ICEVFDEINITINPROGRESS, which is intended to prevent some issues with concurrently...
CrowdStrike Reveals Root Cause of Global System Outages
Cybersecurity company CrowdStrike has published its root cause analysis detailing the Falcon Sensor software update crash that crippled millions of Windows devices globally. The "Channel File 291" incident, as originally highlighted in its Preliminary Post Incident Review PIR, has been traced bac...
Widespread IT Outage Due to CrowdStrike Update
Note: CISA will update this Alert with more information as it becomes available. Update 4:30 p.m., EDT, August 6, 2024: CrowdStrike has published its Root Cause Analysis RCA reportlink is external. According to CrowdStrike, “the full report elaborates on the information previously shared in our...
CVE-2024-40981
In the Linux kernel, the following vulnerability has been resolved: batman-adv: bypass empty buckets in batadvpurgeorigref Many syzbot reports are pointing to soft lockups in batadvpurgeorigref 1 Root cause is unknown, but we can avoid spending too much time there and perhaps get more interesting...
CVE-2024-31071
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause apps crash through type confusion...
CVE-2024-3816
Sites managed in S@M CMS Concept Intermedia might be vulnerable to a blind SQL Injection executed using the search bar. Only a part of observed services is vulnerable, but since vendor has not investigated the root problem, it is hard to determine when the issue appears...
CVE-2024-3801
Sites managed in S@M CMS Concept Intermedia might be vulnerable to Reflected XSS via including scripts in one of GET header parameters. Only a part of observed services is vulnerable, but since vendor has not investigated the root problem, it is hard to determine when the issue appears...
PT-2024-27894 · Concept Intermedia · S@M Cms
Name of the Vulnerable Software and Affected Versions: S@M CMS Concept Intermedia affected versions not specified Description: The issue concerns a blind SQL Injection that can be executed using the search bar in sites managed by S@M CMS. It is noted that only a part of the observed services is...
Google Golang Security Vulnerability
Google Golang is a static strongly typed, compiled language from Google.Go's syntax is close to that of C, but differs with respect to variable declarations.Go supports garbage collection.Go's parallel model is based on Tony Hall's Communicating Sequential Processes CSP, and other languages that...