Lucene search
K

90 matches found

NVD
NVD
added 2025/07/10 9:15 p.m.6 views

CVE-2025-2522

The Honeywell Experion PKS and OneWireless WDM contains Sensitive Information in Resource vulnerability in the component Control Data Access CDA. An attacker could potentially exploit this vulnerability, leading to a Communication Channel Manipulation, which could result in buffer reuse which may...

6.5CVSS0.00231EPSS
Exploits0References1
NVD
NVD
added 2025/07/01 7:15 p.m.7 views

CVE-2025-27153

Escalade GLPI plugin is a ticket escalation process helper for GLPI. Prior to version 2.9.11, there is an improper access control vulnerability. This can lead to data exposure and workflow disruptions. This issue has been patched in version 2.9.11...

6.5CVSS0.00242EPSS
Exploits0References2
OSV
OSV
added 2025/07/01 5:15 p.m.2 views

UBUNTU-CVE-2025-6297

It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is documented as being a safe operation even on untrusted data. This may result in leaving temporary files behind on cleanup. Given automated and...

8.2CVSS7.4AI score0.00347EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/06/19 3:41 a.m.2 views

SUSE CVE-2022-50115

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc3-topology: Prevent double freeing of ipccontroldata via loadbytes We have sanity checks for byte controls and if any of the fail the locally allocated scontrol-ipccontroldata is freed up, but not set to NULL. On a...

5.5CVSS6.5AI score0.00162EPSS
Exploits0References6
NVD
NVD
added 2025/06/18 11:15 a.m.7 views

CVE-2022-50115

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc3-topology: Prevent double freeing of ipccontroldata via loadbytes We have sanity checks for byte controls and if any of the fail the locally allocated scontrol-ipccontroldata is freed up, but not set to NULL. On a...

7.8CVSS0.00162EPSS
Exploits0References3
OSV
OSV
added 2025/06/18 11:15 a.m.3 views

DEBIAN-CVE-2022-50115

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc3-topology: Prevent double freeing of ipccontroldata via loadbytes We have sanity checks for byte controls and if any of the fail the locally allocated scontrol-ipccontroldata is freed up, but not set to NULL. On a...

7.8CVSS5.7AI score0.00162EPSS
Exploits0References1
OSV
OSV
added 2025/06/18 11:15 a.m.0 views

UBUNTU-CVE-2022-50115

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc3-topology: Prevent double freeing of ipccontroldata via loadbytes We have sanity checks for byte controls and if any of the fail the locally allocated scontrol-ipccontroldata is freed up, but not set to NULL. On a...

7.8CVSS6.1AI score0.00162EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2025/06/18 11:2 a.m.5 views

CVE-2022-50115

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc3-topology: Prevent double freeing of ipccontroldata via loadbytes We have sanity checks for byte controls and if any of the fail the locally allocated scontrol-ipccontroldata is freed up, but not set to NULL. On a...

7.8CVSS5.7AI score0.00162EPSS
Exploits0
Cvelist
Cvelist
added 2025/06/18 11:2 a.m.8 views

CVE-2022-50115 ASoC: SOF: ipc3-topology: Prevent double freeing of ipc_control_data via load_bytes

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc3-topology: Prevent double freeing of ipccontroldata via loadbytes We have sanity checks for byte controls and if any of the fail the locally allocated scontrol-ipccontroldata is freed up, but not set to NULL. On a...

0.00162EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/06/18 12:0 a.m.1 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from SOF ipc3-topology double freeing ipccontroldata in the loadbytes error path, which could lead to memory...

7.8CVSS6.1AI score0.00162EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 1:18 a.m.11 views

CVE-2022-30317

Honeywell Experion LX through 2022-05-06 has Missing Authentication for a Critical Function. According to FSCT-2022-0055, there is a Honeywell Experion LX Control Data Access CDA EpicMo protocol with unauthenticated functionality issue. The affected components are characterized as: Honeywell...

9.1CVSS7.5AI score0.00746EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:9 a.m.7 views

CVE-2019-15137

The Access Control plugin in eProsima Fast RTPS through 1.9.0 allows fnmatch pattern matches with topic name strings instead of the permission expressions themselves, which can lead to unintended connections between participants in a Data Distribution Service DDS network...

7.5CVSS6.8AI score0.0131EPSS
Exploits0References1
CVE
CVE
added 2025/03/20 10:9 a.m.43 views

CVE-2024-9000

In lunary-ai/lunary prior to version 1.4.26, the checklists.post endpoint lacks proper authorization checks, allowing unauthorized users to create or modify checklists. The issue includes missing validation of the user’s permissions and a failure to enforce unique slugs for new checklists, enabli...

7.1CVSS6.8AI score0.0051EPSS
Exploits1References2Affected Software1
SUSE CVE
SUSE CVE
added 2025/02/27 3:5 a.m.2 views

SUSE CVE-2022-49518

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc3-topology: Correct getcontroldata for non bytes payload It is possible to craft a topology where sofgetcontroldata would do out of bounds access because it expects that it is only called when the payload is bytes...

5.5CVSS6.9AI score0.00229EPSS
Exploits0References5
NVD
NVD
added 2025/02/26 7:1 a.m.10 views

CVE-2022-49518

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc3-topology: Correct getcontroldata for non bytes payload It is possible to craft a topology where sofgetcontroldata would do out of bounds access because it expects that it is only called when the payload is bytes...

7.1CVSS0.00229EPSS
Exploits0References2
OSV
OSV
added 2025/02/26 7:1 a.m.2 views

DEBIAN-CVE-2022-49518

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc3-topology: Correct getcontroldata for non bytes payload It is possible to craft a topology where sofgetcontroldata would do out of bounds access because it expects that it is only called when the payload is bytes...

7.1CVSS5.8AI score0.00229EPSS
Exploits0References1
OSV
OSV
added 2025/02/26 7:1 a.m.1 views

UBUNTU-CVE-2022-49518

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc3-topology: Correct getcontroldata for non bytes payload It is possible to craft a topology where sofgetcontroldata would do out of bounds access because it expects that it is only called when the payload is bytes...

7.1CVSS6.5AI score0.00229EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2025/02/26 2:13 a.m.9 views

CVE-2022-49518

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc3-topology: Correct getcontroldata for non bytes payload It is possible to craft a topology where sofgetcontroldata would do out of bounds access because it expects that it is only called when the payload is bytes...

7.1CVSS5.8AI score0.00229EPSS
Exploits0
Cvelist
Cvelist
added 2025/02/26 2:13 a.m.17 views

CVE-2022-49518 ASoC: SOF: ipc3-topology: Correct get_control_data for non bytes payload

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc3-topology: Correct getcontroldata for non bytes payload It is possible to craft a topology where sofgetcontroldata would do out of bounds access because it expects that it is only called when the payload is bytes...

0.00229EPSS
Exploits0References2
CVE
CVE
added 2025/02/26 2:13 a.m.89 views

CVE-2022-49518

The CVE-2022-49518 entry maps to a Linux kernel issue in ASoC SOF ipc3-topology where sof_get_control_data() could perform out-of-bounds access if the payload is not bytes. The fix adjusts control counting and data storage: for non-bytes controls, store a pointer to the data and its size (instead...

7.1CVSS6.6AI score0.00229EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder