7654 matches found
Google Android Information Disclosure Vulnerability (CNVD-2022-44592)
Google Android is a Linux-based open-source operating system from Google, Inc. Google Android is vulnerable to an information disclosure vulnerability caused by a lack of permission checking in the DomainVerificationService. An attacker could exploit this vulnerability to cause local information...
Google Android Information Disclosure Vulnerability (CNVD-2022-44594)
Google Android is a Linux-based open source operating system from Google, Inc. Google Android is vulnerable to an information disclosure vulnerability that stems from a lack of permission checking in Device Policy. An attacker could use this vulnerability to obtain sensitive information...
About the security content of iOS 15.4.1 and iPadOS 15.4.1
This document describes the security content of iOS 15.4.1 and iPadOS 15.4.1. About Apple security updates: For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and...
Result of transfer not checked
Lines of code Vulnerability details Impact A call to transfer is done without checking the results. For certain ERC20 tokens, if insufficient tokens are present, no revert occurs but a result of "false" is returned. So it's important and also a best practice to check this. Note that, in almost al...
CVE-2021-43105
A vulnerability in the bailiwick checking function in Technitium DNS Server <= v7.0 exists that allows specific malicious users to inject NS records of any domain, even TLDs, into the cache and conduct a DNS cache poisoning attack...
CVE-2021-43105
Technitium DNS Server vulnerabilities: A bailiwick checking function flaw in versions ≤ 7.0 allows malicious users to inject NS records of any domain (even TLDs) into the cache, enabling DNS cache poisoning. The PT-2022-11786 entry and CNNVD/CVE references corroborate this, stating the impact as ...
The vulnerability of the command-line interface of StarOS systems allows attackers to execute arbitrary commands and increase their privileges.
The vulnerability of the command-line interface of StarOS systems is related to insufficient checking of arguments passed in commands. Exploiting this vulnerability allows an attacker to execute arbitrary code and increase their privileges...
[SECURITY] Fedora 36 Update: enchant2-2.3.2-5.fc36
A library that wraps other spell checking backends...
Security Bulletin: Vulnerability in WebSphere Application Server Liberty affects IBM Spectrum Control (CVE-2020-4329)
Summary WebSphere Application Server Liberty could allow a remote, authenticated attacker to obtain sensitive information caused by improper parameter checking which affects IBM Spectrum Control. Vulnerability Details CVEID: CVE-2020-4329 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8....
Google Android Elevation of Privilege Vulnerability (CNVD-2022-46302)
Google Android is a Linux-based open-source operating system from Google, Inc. An elevation of privilege vulnerability exists in Google Android, which stems from a privilege checking error. An attacker could exploit this vulnerability to elevate local privileges...
USN-5341-1: GNU binutils vulnerabilities
It was discovered that GNU binutils incorrectly handled checks for memory allocation when parsing relocs in a corrupt file. An attacker could possibly use this issue to cause a denial of service. CVE-2017-17122 It was discovered that GNU binutils incorrectly handled certain corrupt DWARF debug...
USN-5341-1 binutils vulnerabilities
It was discovered that GNU binutils incorrectly handled checks for memory allocation when parsing relocs in a corrupt file. An attacker could possibly use this issue to cause a denial of service. CVE-2017-17122 It was discovered that GNU binutils incorrectly handled certain corrupt DWARF debug...
CVE-2022-22664
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Logic Pro 10.7.3, GarageBand 10.4.6, macOS Monterey 12.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution...
CVE-2022-22634
A buffer overflow was addressed with improved bounds checking. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4. A malicious application may be able to execute arbitrary code with kernel privileges...
CVE-2022-22635
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4. An application may be able to gain elevated privileges...