The vulnerability of the PhysmemCreateNewDmaBufBackedPMR function in the ChromeOS operating system allows a hacker to execute arbitrary code and enhance their privileges.

The vulnerability of the PhysmemCreateNewDmaBufBackedPMR function in the ChromeOS operating system is related to writing beyond the buffer’s boundaries. Exploiting this vulnerability can allow an attacker to execute arbitrary code and increase their privileges...

CVE-2023-40109

In createFromParcel of UsbConfiguration.java, there is a possible background activity launch BAL due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...

PT-2024-12847 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android affected versions not specified Description: The issue is related to a permissions bypass in the createFromParcel method of UsbConfiguration.java. This could lead to a background activity launch, resulting in local escalation of...

CVE-2023-52429

A flaw was found in the md driver in the linux kernel. Due to a missing check for struct dmioctl.targetcount, dmtablecreate can attempt to allocate more bytes than intended, resulting in a crash...

Privilege Escalation

postgresql is vulnerable to Privilege Escalation. The vulnerability due to unauthorized execution of arbitrary SQL functions as the command issuer with elevated privileges using REFRESH MATERIALIZED VIEW CONCURRENTLY command. It leads to an attacker creates functions that use CREATE RULE to conve...

DEBIAN-CVE-2023-52429

dmtablecreate in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to in alloctargets allocate more than INTMAX bytes, and crash, because of a missing check for struct dmioctl.targetcount...

UBUNTU-CVE-2023-52429

dmtablecreate in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to in alloctargets allocate more than INTMAX bytes, and crash, because of a missing check for struct dmioctl.targetcount...

Linux kernel security vulnerabilities

The Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel that stems from a lack of checking for ubi-lebsize, where createemptylvol in drivers/mtd/ubi/vtbl.c may attempt to allocate zero bytes and crash...

PT-2024-2834 · Moodle · Moodle Lms

Name of the Vulnerable Software and Affected Versions: Moodle LMS affected versions not specified Description: The issue is related to inadequate access control in the Moodle Learning Management System. This could allow a user with a student role to create arbitrary events intended for users with...

GHSA-C85R-FWC7-45VC Rancher permissions on 'namespaces' in any API group grants 'edit' permissions on namespaces in 'core'

Impact A vulnerability has been identified when granting a create or global role for a resource type of "namespaces"; no matter the API group, the subject will receive permissions for core namespaces. This can lead to someone being capable of accessing, creating, updating, or deleting a namespace...

CVE-2024-0985

Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as the owner of the materialized view, enabling safe refresh of untrusted materialized views. The...

CVE-2024-0985

Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as the owner of the materialized view, enabling safe refresh of untrusted materialized views. The...

Event Tickets Plus < 5.9.1 - Contributor+ Attendees Lists Disclosure

Description The plugin does not prevent users with at least the contributor role from leaking the attendees list on any post type regardless of status. e.g. draft, private, pending review, password-protected, and trashed posts. 1. ADMIN: Install Event Tickets 2. ADMIN: Install Event Tickets Plus ...

kernel: refcount leak in ctnetlink_create_conntrack()

A memory leak problem was found in ctnetlinkcreateconntrack in net/netfilter/nfconntracknetlink.c in the Linux Kernel. This issue may allow a local attacker with CAPNETADMIN privileges to cause a denial of service DoS attack due to a refcount overflow...

kernel: refcount leak in ctnetlink_create_conntrack()

A memory leak problem was found in ctnetlinkcreateconntrack in net/netfilter/nfconntracknetlink.c in the Linux Kernel. This issue may allow a local attacker with CAPNETADMIN privileges to cause a denial of service DoS attack due to a refcount overflow...

CVE-2024-1267

A vulnerability, which was classified as problematic, has been found in CodeAstro Restaurant POS System 1.0. Affected by this issue is some unknown functionality of the file createaccount.php. The manipulation of the argument Full Name leads to cross site scripting. The attack may be launched...

Restaurant POS System Cross-Site Scripting Vulnerability

Restaurant POS System is a full-featured Restaurant POS System project based on the Restaurant POS System project by Martin Mbithi Nzilani Individual Developer. A cross-site scripting vulnerability exists in Restaurant POS System version 1.0, which stems from the parameter Full Name in the file...

PT-2024-17710 · Codeastro · Codeastro Restaurant Pos System

Name of the Vulnerable Software and Affected Versions: CodeAstro Restaurant POS System version 1.0 Description: A problematic issue has been found in the CodeAstro Restaurant POS System, affecting some unknown functionality of the file create account.php. The manipulation of the Full Name argumen...

CVE-2023-35188

SQL Injection Remote Code Execution Vulnerability was found using a create statement in the SolarWinds Platform. This vulnerability requires user authentication to be exploited...

CVE-2024-24592

Lack of authentication in all versions of the fileserver component of Allegro AI’s ClearML platform allows a remote attacker to arbitrarily access, create, modify and delete files...