13 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix missing pointer check in hdacomponentmanagerinit function The componentmatchadd function may assign the 'matchptr' pointer the value ERRPTR-ENOMEM, which will subsequently be dereferenced. The call stack leading to...
ALSA: hda: Fix missing pointer check in hda_component_manager_init function
...
SUSE CVE-2025-40097
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix missing pointer check in hdacomponentmanagerinit function The componentmatchadd function may assign the 'matchptr' pointer the value ERRPTR-ENOMEM, which will subsequently be dereferenced. The call stack leading to...
EUVD-2025-36981
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix missing pointer check in hdacomponentmanagerinit function The componentmatchadd function may assign the 'matchptr' pointer the value ERRPTR-ENOMEM, which will subsequently be dereferenced. The call stack leading to...
UBUNTU-CVE-2025-40097
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix missing pointer check in hdacomponentmanagerinit function The componentmatchadd function may assign the 'matchptr' pointer the value ERRPTR-ENOMEM, which will subsequently be dereferenced. The call stack leading to...
CVE-2025-40097 ALSA: hda: Fix missing pointer check in hda_component_manager_init function
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix missing pointer check in hdacomponentmanagerinit function The componentmatchadd function may assign the 'matchptr' pointer the value ERRPTR-ENOMEM, which will subsequently be dereferenced. The call stack leading to...
CVE-2025-27242 Ssecurity_component_manager has an improper input vulnerability
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through improper input...
Siemens SiPass Integrated
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SiPass Integrated Vulnerabilities: Exposure of Resource to Wrong Sphere 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an unauthenticated remote...
PT-2021-7766 · 3S Smart Software Solutions · Codesys Development System
Name of the Vulnerable Software and Affected Versions: CODESYS Development System versions 3.5.16 through 3.5.17 Description: A unsafe deserialization vulnerability exists in the ComponentModel ComponentManager.StartupCultureSettings functionality. This issue can be exploited by providing a...
Input validation
An issue was discovered in SageCRM 7.x before 7.3 SP3. The Component Manager functionality, provided by SageCRM, permits additional components to be added to the application to enhance provided functionality. This functionality allows a zip file to be uploaded, containing a valid .ecf component...
CVE-2017-5219
An issue was discovered in SageCRM 7.x before 7.3 SP3. The Component Manager functionality, provided by SageCRM, permits additional components to be added to the application to enhance provided functionality. This functionality allows a zip file to be uploaded, containing a valid .ecf component...
CVE-2017-5219
CVE-2017-5219 affects SageCRM 7.x prior to 7.3 SP3. The Component Manager allows uploading a zip containing a valid .ecf component file, which is extracted to the inf directory outside the webroot. A crafted zip with an empty .ecf can cause arbitrary files to be extracted, including a web shell n...
Apple QuickTime JP2 SIZ Chunk Uninitialized Object Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the application'...