ocfs2: add bounds checking to ocfs2_xattr_find_entry()

...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from faulty bounds checking in the mienumattr function...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from incorrect Fw reference checking...

RockyLinux 9 : kernel (RLSA-2024:8617)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:8617 advisory. hw: cpu: intel: Native Branch History Injection BHI CVE-2024-2201 kernel: tcp: add sanity checks to rx zerocopy CVE-2024-26640 kernel: mptcp: fix data...

Huawei HarmonyOS Type Check Not Strict Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from a type-checking laxity vulnerability, which stems from a type-checking laxity in the background task service module. An attacke...

CVE-2024-10318 NGINX OpenID Connect Vulnerability

A session fixation issue was discovered in the NGINX OpenID Connect reference implementation, where a nonce was not checked at login time. This flaw allows an attacker to fix a victim's session to an attacker-controlled account. As a result, although the attacker cannot log in as the victim, they...

Mastodon 4.2.x < 4.2.10 Multiples Vulnerabilities

According to its self-reported version number, the Mastodon application running on the remote host is prior to 4.1.18 or 4.2.x prior to 4.2.10. It is, therefore, affected by multiples vulnerabilities : - An Insufficient permission checking on multiple API endpoints - An Improper authorship check ...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from a type-checking laxity vulnerability, which stems from a type-checking laxity in the background task service module. An attacke...

Mastodon < 4.1.18 Multiples Vulnerabilities

According to its self-reported version number, the Mastodon application running on the remote host is prior to 4.1.18 or 4.2.x prior to 4.2.10. It is, therefore, affected by multiples vulnerabilities : - An Insufficient permission checking on multiple API endpoints - An Improper authorship check ...

MediaTek Chipsets 安全漏洞

MediaTek Chipsets are a variety of chips from China's MediaTek Corporation MediaTek. A security vulnerability exists in MediaTek Chipsets, which stems from a lack of boundary checking, where out-of-bounds writes may occur. An attacker can escalate privileges by exploiting the vulnerability...

MediaTek Chipsets 安全漏洞

MediaTek Chipsets are a variety of chips from China's MediaTek Corporation MediaTek. A security vulnerability exists in MediaTek Chipsets, which stems from a lack of boundary checking, where out-of-bounds writes may occur. An attacker can escalate privileges by exploiting the vulnerability...

MediaTek Chipsets 安全漏洞

MediaTek Chipsets are a variety of chips from China's MediaTek Corporation MediaTek. A security vulnerability exists in MediaTek Chipsets, which stems from a lack of boundary checking, where out-of-bounds writes may occur. An attacker can escalate privileges by exploiting the vulnerability...

MediaTek Chipsets 安全漏洞

MediaTek Chipsets are a variety of chips from China's MediaTek Corporation MediaTek. A security vulnerability exists in MediaTek Chipsets, which stems from a lack of boundary checking, where out-of-bounds reads may occur. An attacker exploiting the vulnerability could gain access to sensitive...

Google Pixel trusty_shared_memory_manager.cc file buffer overflow vulnerability

Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from a buffer overflow vulnerability that stems from incorrect boundary checking in TrustySharedMemoryManager::GetSharedMemory at ondevice/trusty/trustysharedmemorymanager.cc, which could be exploited by an...

Google Pixel syscall.c file buffer overflow vulnerability

Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from a buffer overflow vulnerability that stems from incorrect boundary checking in validaddress in syscall.c, which can be exploited by an attacker to cause an out-of-bounds read...

Google Pixel mm_GmmPduCodec.c file buffer overflow vulnerability

Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from a buffer overflow vulnerability that stems from incorrect bounds checking in mmGetMobileIdIndexForNsUpdate in mmGmmPduCodec.c, which can be exploited by an attacker to cause an out-of-bounds write...

Google Pixel Out-of-Bounds Read Vulnerability

Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from an out-of-bounds read vulnerability that stems from a lack of boundary checking, which can be exploited by an attacker to read local information out of bounds...

Google Pixel protocolmiscmiscadapter.cpp file buffer overflow vulnerability

Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from a buffer overflow vulnerability that stems from a lack of bounds checking in protocolmiscHwConfigChangeAdapter::GetData's protocolmiscmiscadapter.cpp, which can be exploited by an attacker to cause an...

kernel: xfs: add bounds checking to xlog_recover_process_data

A vulnerability has been identified within the Linux kernel's xlogrecoverprocessdata function. Specifically, the function lacks proper bounds checking on the space allocated for the fixed members of the xlogopheader structure during log record processing. This omission can lead to an out-of-bound...

The vulnerability of the detection mechanism for network traffic analysis tools, network detection, and response by Palo Alto Networks’ Cortex XDR Agent on Windows operating systems allows attackers to disable the Cortex XDR Agent and execute arbitrary code.

The vulnerability of the detection mechanism for network traffic analysis, network detection, and response by Palo Alto Networks’ Cortex XDR Agent in Windows operating systems is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability could allow an attack...