94 matches found
Qualcomm Chipsets 安全漏洞
Qualcomm Chipsets are a family of chipsets from Qualcomm, an American company. A security vulnerability exists in Qualcomm Chipsets that stems from a memory corruption that could result from writing to registers using Virtual cdm...
CVE-2024-36068
An incorrect access control vulnerability in Rubrik CDM versions prior to 9.1.2-p1, 9.0.3-p6 and 8.1.3-p12, allows an attacker with network access to execute arbitrary code...
CVE-2023-21120
In multiple functions of cdmengine.cpp, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID:...
Malicious code in lib-automotive-call-cdm (npm)
The package communicates with a domain associated with malicious activity...
MAL-2025-1042 Malicious code in lib-automotive-call-cdm (npm)
The package communicates with a domain associated with malicious activity...
CISA Releases New Public Version of CDM Data Model Document
Today, the Cybersecurity and Infrastructure Security Agency CISA released an updated public version of the Continuous Diagnostics and Mitigation CDM Data Model Document. Version 5.0.1 aligns with fiscal year 2023 Federal Information Security Modernization Act FISMA metrics. The CDM Data Model...
CVE-2024-36068
An incorrect access control vulnerability in Rubrik CDM versions prior to 9.1.2-p1, 9.0.3-p6 and 8.1.3-p12, allows an attacker with network access to execute arbitrary code...
CVE-2024-36068
CVE-2024-36068 affects Rubrik CDM versions prior to 9.1.2-p1, 9.0.3-p6, and 8.1.3-p12. The vulnerability is described as an incorrect access control that allows an attacker with network access to execute arbitrary code. The connected documents reiterate the affected versions and impact but do not...
CVE-2024-36068
An incorrect access control vulnerability in Rubrik CDM versions prior to 9.1.2-p1, 9.0.3-p6 and 8.1.3-p12, allows an attacker with network access to execute arbitrary code...
CVE-2024-36068
An incorrect access control vulnerability in Rubrik CDM versions prior to 9.1.2-p1, 9.0.3-p6 and 8.1.3-p12, allows an attacker with network access to execute arbitrary code...
CVE-2024-31320
In setSkipPrompt of AssociationRequest.java , there is a possible way to establish a companion device association without any confirmation due to CDM. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-31320
In setSkipPrompt of AssociationRequest.java , there is a possible way to establish a companion device association without any confirmation due to CDM. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-21120
In multiple functions of cdmengine.cpp, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID:...
SUSE CVE-2016-2837
Heap-based buffer overflow in the ClearKey Content Decryption Module CDM in the Encrypted Media Extensions EME API in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 might allow remote attackers to execute arbitrary code by providing a malformed video and leveraging a Gecko Media...
CVE-2022-30984
A buffer overflow vulnerability in the Rubrik Backup Service RBS Agent for Linux or Unix-based systems in Rubrik CDM 7.0.1, 7.0.1-p1, 7.0.1-p2 or 7.0.1-p3 before CDM 7.0.2-p2 could allow a local attacker to obtain root privileges by sending a crafted message to the RBS agent...
CVE-2022-30984
A buffer overflow vulnerability in the Rubrik Backup Service RBS Agent for Linux or Unix-based systems in Rubrik CDM 7.0.1, 7.0.1-p1, 7.0.1-p2 or 7.0.1-p3 before CDM 7.0.2-p2 could allow a local attacker to obtain root privileges by sending a crafted message to the RBS agent...
CVE-2022-30984
A buffer overflow vulnerability in the Rubrik Backup Service RBS Agent for Linux or Unix-based systems in Rubrik CDM 7.0.1, 7.0.1-p1, 7.0.1-p2 or 7.0.1-p3 before CDM 7.0.2-p2 could allow a local attacker to obtain root privileges by sending a crafted message to the RBS agent...
Cross site request forgery (csrf)
IBM Spectrum Copy Data Management 2.2.0.0through 2.2.15.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 225887...
CVE-2022-24831
OpenClinica (EDC/CDM platform) has a SQL injection vulnerability in versions prior to 3.16.1 caused by building SQL via string concatenation instead of prepared statements. Exploitation можно leads to partial confidentiality, integrity, and availability impact as per CVSS data. The issue has been...
CVE-2022-24830
OpenClinica is an open source software for Electronic Data Capture EDC and Clinical Data Management CDM. OpenClinica prior to version 3.16 is vulnerable to path traversal in multiple endpoints, leading to arbitrary file read/write, and potential remote code execution. There are no known...