MediaTek Chip Buffer Error Vulnerability

MediaTek chips are a variety of MediaTek chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips, which stems from a lack of bounds checking in nvram, which may result in out-of-bounds writes...

UNISOC Chipsets Security Vulnerability

UNISOC Chipsets is a chipset from China's Unisplendour UNISOC. A security vulnerability exists in UNISOC Chipsets that stems from a possible lack of privilege checking in the vowifi service...

UNISOC Chipsets Security Vulnerability

UNISOC Chipsets is a chipset from China's Unisplendour UNISOC. A security vulnerability exists in UNISOC Chipsets that stems from a possible lack of privilege checking in the vowifi service...

UNISOC Chipsets Security Vulnerability

UNISOC Chipsets is a chipset from China's Unisplendour UNISOC. A security vulnerability exists in UNISOC Chipsets that stems from a possible lack of privilege checking in the vowifi service...

UNISOC Chipsets Security Vulnerability

UNISOC Chipsets is a chipset from China's Unisplendour UNISOC. A security vulnerability exists in UNISOC Chipsets that stems from a possible lack of privilege checking in the vowifi service...

MediaTek Chip Buffer Error Vulnerability

MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips, which stems from a lack of bounds checking in seninf, which may result in out-of-bounds writes...

UNISOC Chipsets Security Vulnerability

UNISOC Chipsets is a chipset from China's Unisplendour UNISOC. A security vulnerability exists in UNISOC Chipsets that stems from a possible lack of privilege checking in the vowifi service...

UNISOC Chipsets Security Vulnerability

UNISOC Chipsets is a chipset from China's Unisplendour UNISOC. A security vulnerability exists in UNISOC Chipsets that stems from a possible lack of privilege checking in the ims service...

PT-2023-17669 · Imgsys · Imgsys

Name of the Vulnerable Software and Affected Versions: imgsys affected versions not specified Description: The issue is related to a possible out of bounds read in imgsys due to missing valid range checking. This could lead to local information disclosure, requiring System execution privileges...

PT-2023-17667 · Unknown · Imgsys Cmdq

Name of the Vulnerable Software and Affected Versions: imgsys cmdq affected versions not specified Description: The issue is related to a possible out of bounds read in imgsys cmdq due to missing valid range checking. This could lead to local information disclosure, requiring System execution...

PT-2023-17675 · Unknown · Imgsys Cmdq

Name of the Vulnerable Software and Affected Versions: No specific software name is provided, but the affected component is imgsys cmdq affected versions not specified Description: In imgsys cmdq, there is a possible out of bounds write due to a missing valid range checking. This could lead to...

PT-2023-17672 · Unknown · Imgsys Cmdq

Name of the Vulnerable Software and Affected Versions: imgsys cmdq affected versions not specified Description: In imgsys cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed...

PT-2023-5587 · Libtom +5 · Libtommath +5

Name of the Vulnerable Software and Affected Versions: libtom libtommath versions before commit beba892bc0d4e4ded4d667ab1d2a94f4d75109a9 Description: The issue is related to an integer overflow vulnerability in the mp grow function of the libtom libtommath library. This vulnerability can be...

CVE-2020-18232

A flaw was found in HDF5, which allows a local, authenticated attacker to execute arbitrary code on the system, caused by improper bounds checking by the H5Sclose function in H5S.c. By using a specially crafted file, an attacker can execute arbitrary code on the system...

CVE-2023-40178

Node-SAML is a SAML library not dependent on any frameworks that runs in Node. The lack of checking of current timestamp allows a LogoutRequest XML to be reused multiple times even when the current time is past the NotOnOrAfter. This could impact the user where they would be logged out from an...

CVE-2023-40178 @node-saml/node-saml's validatePostRequestAsync does not include checkTimestampsValidityError

Node-SAML is a SAML library not dependent on any frameworks that runs in Node. The lack of checking of current timestamp allows a LogoutRequest XML to be reused multiple times even when the current time is past the NotOnOrAfter. This could impact the user where they would be logged out from an...

Amazon Linux 2 : edk2 (ALAS-2023-2205)

It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2205 advisory. Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHcheck, DHcheckexor EVPPKEYparamcheck to check a DH key or DH paramete...

Moodle 安全漏洞

Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. Moodle suffers from a security vulnerability that stems from insufficient checking, resulting in data being compromised...

Vulnerabilities in web browsers Firefox and Firefox ESR, as well as the email client Thunderbird, stem from insufficient checking of unusual or exceptional states, allowing attackers to exploit these vulnerabilities to compromise data integrity.

The vulnerabilities of web browsers Firefox, Firefox ESR, and the email client Thunderbird are related to insufficient checking of unusual or exceptional states. Exploiting these vulnerabilities can allow a remote attacker to compromise data integrity...

OESA-2023-1507 amanda security update

AMANDA, the Advanced Maryland Automatic Network Disk Archiver, is a backup system that allows the administrator of a LAN to set up a single master backup server to back up multiple hosts to a single large capacity tape or disk drive. Amanda uses native tools such as GNUtar, dump for backup and ca...