PT-2022-21690 · Lua +6 · Lua +6

Name of the Vulnerable Software and Affected Versions: Lua versions prior to 5.4.4 Description: An issue in the component luaG runerror of Lua leads to a heap-buffer overflow when a recursive error occurs. Recommendations: For versions prior to 5.4.4, update to a version that contains a fix for...

PT-2022-3284 · Ping Identity · Pingid Windows Login

Name of the Vulnerable Software and Affected Versions: PingID Windows Login versions prior to 2.8 Description: The issue is related to errors in authentication of the connection with a local Java service used to capture security key requests. An attacker with the ability to execute code on the...

The vulnerability of the Guzzle client HTTP library, a PHP programming language interpreter, related to authentication errors, allows attackers to disclose sensitive information that is protected.

The vulnerability of the Guzzle client HTTP library, a programming language interpreter for PHP, is related to authentication errors. Exploiting this vulnerability can allow an attacker to disclose sensitive information that is protected by the library...

Microsoft Edge’s vulnerability, related to synchronization errors when using a shared resource, allows attackers to escalate their privileges.

The vulnerability of Microsoft Edge relates to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to gain increased privileges...

Mozilla Firefox < 102.0

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 102.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-24 advisory. - Mozilla developers Bryce Seager van Dyk and the Mozilla Fuzzing Team reported potential vulnerabilities...

The vulnerability of the authentication mechanism for software administrators of the ImageCast X device for marking ballots allows a perpetrator to escalate their privileges.

The vulnerability of the authentication mechanism for software administrators of the ImageCast X labeling device is related to privilege assignment errors. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability of the copyRawDataTo method in the Matrix3D class of the Adobe Flash Player allows a hacker to execute arbitrary code.

The vulnerability of the copyRawDataTo method in the Matrix3D class of the Adobe Flash Player lies in numerical processing errors. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

The vulnerability of the `load_elf_binary()` function in the Linux operating system’s kernel allows a hacker to bypass the ASLR protection and expose the protected information.

The vulnerability of the loadelfbinary function in the Linux operating system’s kernel arises due to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to bypass the ASLR protection mechanism and disclose the protected information...

The vulnerability of the ImageCast X ballot marking device’s software, related to access control errors, allows a violator to execute arbitrary code.

The vulnerability of the ImageCast X ballot marking device’s software is related to access control errors. Exploiting this vulnerability could allow a perpetrator to execute arbitrary code using a specially created binary file with the setuid flag...

The vulnerability of the Wiser Smart programmable logic controllers from Schneider Electric, Wiser Controller EER21000 and Wiser Controller EER21001, related to authentication process errors, allows unauthorized access by attackers to protected information.

The vulnerability of the Wiser Smart programmable logic controllers from Schneider Electric, Wiser Controller EER21000 and Wiser Controller EER21001, relates to authentication process errors. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected informatio...

GSD-2022-1004057 RDMA/hfi1: Fix potential integer multiplication overflow errors

RDMA/hfi1: Fix potential integer multiplication overflow errors This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.318 by commit...

GSD-2022-1003983 phy: qcom-qmp: fix struct clk leak on probe errors

phy: qcom-qmp: fix struct clk leak on probe errors This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.283 by commit...

GSD-2022-1003980 phy: qcom-qmp: fix reset-controller leak on probe errors

phy: qcom-qmp: fix reset-controller leak on probe errors This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.283 by commit...

GSD-2022-1003882 phy: qcom-qmp: fix reset-controller leak on probe errors

phy: qcom-qmp: fix reset-controller leak on probe errors This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.247 by commit...

GSD-2022-1003864 phy: qcom-qmp: fix struct clk leak on probe errors

phy: qcom-qmp: fix struct clk leak on probe errors This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.247 by commit...

GSD-2022-1003732 phy: qcom-qmp: fix struct clk leak on probe errors

phy: qcom-qmp: fix struct clk leak on probe errors This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.198 by commit...

GSD-2022-1003722 phy: qcom-qmp: fix reset-controller leak on probe errors

phy: qcom-qmp: fix reset-controller leak on probe errors This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.198 by commit...

GSD-2022-1003544 phy: qcom-qmp: fix reset-controller leak on probe errors

phy: qcom-qmp: fix reset-controller leak on probe errors This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.121 by commit...

GSD-2022-1003297 phy: qcom-qmp: fix reset-controller leak on probe errors

phy: qcom-qmp: fix reset-controller leak on probe errors This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.46 by commit...

GSD-2022-1003003 phy: qcom-qmp: fix struct clk leak on probe errors

phy: qcom-qmp: fix struct clk leak on probe errors This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.14 by commit...