7652 matches found
Out-of-bounds
Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 9 is missing. Improper restriction of operations within the bounds of a memory buffer might lead to escalation of privileges, information disclosure, and denial of service...
CVE-2021-34379
Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 10 is missing. The length of an I/O buffer parameter is not checked, which might lead to memory corruption...
CVE-2021-34379
CVE-2021-34379 affects NVIDIA Jetson devices running Trusty OS. The HDCP service TA has a bounds-checking flaw in command 10 where the length of an I/O buffer parameter is not checked, potentially leading to memory corruption. The vulnerability is locally exploitable with user interaction not req...
CVE-2021-34378
Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 11 is missing. Improper restriction of operations within the bounds of a memory buffer might lead to information disclosure, denial of service, or escalation of privileges...
CVE-2021-34378
CVE-2021-34378 affects NVIDIA Jetson devices running Trusty OS. The vulnerability is in the HDCP service TA where bounds checking in command 11 is missing, enabling memory-bounds violations that can cause information disclosure, denial of service, or privilege escalation. Affected products includ...
CVE-2021-34377
Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 9 is missing. Improper restriction of operations within the bounds of a memory buffer might lead to escalation of privileges, information disclosure, and denial of service...
CVE-2021-34377
CVE-2021-34377 affects NVIDIA Jetson Trusty HDCP service TA: bounds checking is missing in command 9, enabling potential memory corruption. This local, low-complexity issue could lead to privilege escalation, information disclosure, and denial of service. NVIDIA’s security bulletin lists updated ...
CVE-2021-34376
CVE-2021-34376 concerns Trusty’s HDCP service TA where bounds checking in command 5 is missing. This memory-bound violation can lead to denial of service, escalation of privileges, and information disclosure. Connected NVIDIA and Red Hat/NVD entries corroborate that Trusty TLK/HDCP TA is the affe...
CVE-2021-34376
Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 5 is missing. Improper restriction of operations within the bounds of a memory buffer might lead to denial of service, escalation of privileges, and information disclosure...
Coral 安全漏洞
coral is an open source project. Improve the community on your website through smart technology, effective design, and efficient strategy. A security vulnerability exists in Coral Talk 4 versions prior to 4.12.1, which stems from the use of incorrect data types for program privilege checking, and...
CVE-2021-20572
IBM Security Identity Manager Adapters 6.0 and 7.0 are vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A remote authenticated attacker could overflow the and cause the server to crash. IBM X-Force ID: 199247...
CVE-2021-20573
IBM Security Identity Manager Adapters 6.0 and 7.0 are vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote authenticated attacker could overflow the and cause the server to crash. IBM X-Force ID: 199249...
Heap overflow
IBM Security Identity Manager Adapters 6.0 and 7.0 are vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote authenticated attacker could overflow the and cause the server to crash. IBM X-Force ID: 199249...
CVE-2021-20573
IBM Security Identity Manager Adapters 6.0 and 7.0 are vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote authenticated attacker could overflow the and cause the server to crash. IBM X-Force ID: 199249...
CVE-2021-20572
IBM Security Identity Manager Adapters 6.0 and 7.0 are vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A remote authenticated attacker could overflow the and cause the server to crash. IBM X-Force ID: 199247...
ProfilePress 3.0 - 3.1.3 - Arbitrary File Upload in Image Uploader Component
The cover photo and profile photo upload functionalities of the plugin were vulnerable to arbitrary file uploads due to the use of exifimagetype for filetype checking. PoC 'Hax0r2', 'regemail' = '[email protected]', 'regpassword' = 'password', 'regpasswordpresent' = 'true', 'regfirstname' =...
ProfilePress 3.0 - 3.1.3 - Arbitrary File Upload in File Uploader Component
There is functionality in the plugin to add file uploads to user registrations and profile updates that had no file type checking in place making it possible for arbitrary files to be uploaded. PoC fh = open'shell.php', 'wb' fh.writeb'\xFF\xD8\xFF\xE0' + b'' fh.close 'Hax0r', 'regemail' =...
CVE-2020-4609
IBM Security Sevret Server IBM Security Verify Privilege Manager 10.8.2 is vulnerable to a buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and execute arbitrary code on the system or cause the system to crash. IBM X-Force ID: 184917...
CVE-2020-4609
IBM Security Sevret Server IBM Security Verify Privilege Manager 10.8.2 is vulnerable to a buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and execute arbitrary code on the system or cause the system to crash. IBM X-Force ID: 184917...
Buffer overflow
IBM Security Sevret Server IBM Security Verify Privilege Manager 10.8.2 is vulnerable to a buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and execute arbitrary code on the system or cause the system to crash. IBM X-Force ID: 184917...