EUVD-2023-38893

Malicious code in bioql PyPI...

Stack overflow

There is a stack buffer overflow vulnerability, which could lead to arbitrary code execution in UEFI DXE driver on some Acer products. An attack could exploit this vulnerability to escalate privilege from ring 3 to ring 0, and hijack control flow during UEFI DXE execution. This affects Altos T110...

Exposure of Sensitive Information to an Unauthorized Actor in eventsource/eventsource

Exposure of Sensitive Information to an Unauthorized Actor in EventSource/eventsource Reported on Feb 6th 2022 | Timothee Desurmont Vulnerability type: CWE-200 Bug Cookies & Authorisation headers are leaked to external sites. Description When fetching an url with a link to an external site...

CVE-2020-13991

vm/opcodes.c in JerryScript 2.2.0 allows attackers to hijack the flow of control by controlling a register...

Design/Logic Flaw

vm/opcodes.c in JerryScript 2.2.0 allows attackers to hijack the flow of control by controlling a register...

CVE-2020-13991

vm/opcodes.c in JerryScript 2.2.0 allows attackers to hijack the flow of control by controlling a register...

CVE-2020-13991

CVE-2020-13991 affects JerryScript 2.2.0, specifically the vm/opcodes.c implementation. The provided sources state that an attacker can hijack the flow of control by manipulating a register within this module. This vulnerability is tied to the release of JerryScript 2.2.0 and is documented across...

Major OS Players Misinterpret Intel Docs, and Now Kernels Can Be Hijacked

Multiple operating system vendors issued coordinated patches this week to address a common vulnerability across their platforms, which was introduced thanks to widespread misinterpretation of Intel developer documentation. According to the CERT/CC team, most major players including Apple, FreeBSD...