53 matches found
CVE-2026-53329
A flaw was found in the Linux kernel's drm/amd/display component. The dalvectorreserve function calculates memory allocation size using 32-bit arithmetic, which can lead to an integer overflow. This overflow causes a smaller memory buffer to be allocated than intended, resulting in a heap overflo...
CVE-2026-53329
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Use kreallocarray in dalvectorreserve Why & How dalvectorreserve computes the allocation size as "capacity vector-structsize" using uint32t arithmetic, which can silently wrap to a small value on overflow. This...
CVE-2026-53329
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Use kreallocarray in dalvectorreserve Why & How dalvectorreserve computes the allocation size as "capacity vector-structsize" using uint32t arithmetic, which can silently wrap to a small value on overflow. This...
CVE-2026-53329
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Use kreallocarray in dalvectorreserve Why & How dalvectorreserve computes the allocation size as "capacity vector-structsize" using uint32t arithmetic, which can silently wrap to a small value on overflow. This...
CVE-2019-11102
Insufficient input validation in IntelR DAL software for IntelR CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; IntelR TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access...
CVE-2020-12304
Improper access control in Installer for IntelR DAL SDK before version 2.1 for Windows may allow an authenticated user to potentially enable escalation of privileges via local access...
EUVD-2020-4616
Malware in sbrugna...
EUVD-2019-0977
Malware in sbrugna...
EUVD-2019-2806
Malware in sbrugna...
EUVD-2020-4615
Malware in sbrugna...
Malicious code in @zalastax/nolb-dal (npm)
The package @zalastax/nolb-dal was found to contain malicious code...
MAL-2025-11077 Malicious code in @zalastax/nolb-dal (npm)
The package @zalastax/nolb-dal was found to contain malicious code...
CVE-2019-0170
Buffer overflow in subsystem in IntelR DAL before version 12.0.35 may allow a privileged user to potentially enable escalation of privilege via local access...
CVE-2024-42357 Shopware vulnerable to blind SQL-injection in DAL aggregations
Shopware is an open commerce platform. Prior to versions 6.6.5.1 and 6.5.8.13, the Shopware application API contains a search functionality which enables users to search through information stored within their Shopware instance. The searches performed by this function can be aggregated using the...
CVE-2024-42357 Shopware vulnerable to blind SQL-injection in DAL aggregations
Shopware is an open commerce platform. Prior to versions 6.6.5.1 and 6.5.8.13, the Shopware application API contains a search functionality which enables users to search through information stored within their Shopware instance. The searches performed by this function can be aggregated using the...
GHSA-P6W9-R443-R752 Shopware vulnerable to blind SQL-injection in DAL aggregations
Impact The Shopware application API contains a search functionality which enables users to search through information stored within their Shopware instance. The searches performed by this function can be aggregated using the parameters in the “aggregations” object. The ‘name’ field in this...
CVE-2024-22406 Blind SQL-injection in DAL aggregations in Shopware
Shopware is an open headless commerce platform. The Shopware application API contains a search functionality which enables users to search through information stored within their Shopware instance. The searches performed by this function can be aggregated using the parameters in the “aggregations...
CVE-2023-41636
A SQL injection vulnerability in the Data Richiesta dal parameter of GruppoSCAI RealGimm v1.1.37p38 allows attackers to access the database and execute arbitrary commands via a crafted SQL query...
CVE-2023-41636
A SQL injection vulnerability in the Data Richiesta dal parameter of GruppoSCAI RealGimm v1.1.37p38 allows attackers to access the database and execute arbitrary commands via a crafted SQL query...
Sql injection
A SQL injection vulnerability in the Data Richiesta dal parameter of GruppoSCAI RealGimm v1.1.37p38 allows attackers to access the database and execute arbitrary commands via a crafted SQL query...