CVE-2023-46770

Out-of-bounds vulnerability in the sensor module. Successful exploitation of this vulnerability may cause mistouch prevention errors on users' mobile phones...

CVE-2023-46770

Out-of-bounds vulnerability in the sensor module. Successful exploitation of this vulnerability may cause mistouch prevention errors on users' mobile phones...

Cross site scripting

Out-of-bounds vulnerability in the sensor module. Successful exploitation of this vulnerability may cause mistouch prevention errors on users' mobile phones...

kernel: iomap: iomap: fix memory corruption when recording errors during writeback

In the Linux kernel, the following vulnerability has been resolved: iomap: iomap: fix memory corruption when recording errors during writeback Every now and then I see this crash on arm64: Unable to handle kernel NULL pointer dereference at virtual address 00000000000000f8 Buffer I/O error on dev...

Fedora 39 : xrdp (2023-5134642a68)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-5134642a68 advisory. Release notes for xrdp v0.9.23 2023/08/31 General announcements - Running xrdp and xrdp-sesman on separate hosts is still supported by this release,...

Rocky Linux 8 : curl (RLSA-2021:3582)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:3582 advisory. - When curl is instructed to download content using the metalink feature, thecontents is verified against a hash provided in the metalink XML file.The...

Event ID: 28 "Could not contact any Federated Authentication Servers"

Users are unable to launch Citrix sessions from a FAS enabled store and observe the error - 'Cannot start desktop '. On the StoreFront servers, we observe Event ID: 28 stating - 'Failed to launch the resource 'XXXXXX' using the Citrix XML Service at address '??'. It was not possible to select a...

Tenda RX9 Pro Security Vulnerability

Tenda RX9 Pro is a wireless router from Tenda China. A security vulnerability exists in Tenda RX9 Pro Firmware version V22.03.02.20, which stems from a lack of error handling in the HTTP server component. An attacker can exploit the vulnerability to arbitrarily lock the device...

PT-2023-30200 · Huawei · Emui +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is an out-of-bounds vulnerability in the sensor module. Successful exploitation of this vulnerability may cause mistouch prevention errors on...

ARM Mali GPU Driver Buffer Error Vulnerability

ARM Mali GPU Driver is a driver from ARM UK for Mali GPU support. A security vulnerability exists in ARM Mali GPU Driver versions r38p0 through r44p0. An attacker can exploit the vulnerability to perform incorrect GPU memory handling operations...

SUSE-SU-2023:4375-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-3777: Fixed a use-after-free vulnerability in netfilter: nftables component can be exploited to achieve local privilege escalation. bsc1215095 -...

The vulnerability of Google Chrome’s Picture-in-Picture (PiP) technology, which allows attackers to carry out spoofing attacks

The vulnerability of Google Chrome’s Picture-in-Picture PiP technology is related to information representation errors in the user interface. Exploiting this vulnerability can allow attackers to perform spoofing attacks remotely...

CVE-2023-5516

Poorly constructed webap requests and URI components with special characters trigger unhandled errors and exceptions, disclosing information about the underlying technology and other sensitive information details. The website unintentionally reveals sensitive information including technical detai...

Design/Logic Flaw

Poorly constructed webap requests and URI components with special characters trigger unhandled errors and exceptions, disclosing information about the underlying technology and other sensitive information details. The website unintentionally reveals sensitive information including technical detai...

CVE-2023-5516

CVE-2023-5516 is associated with Hitachi Energy eSOMS. The EU/ICS and CVE entries describe a vulnerability where poorly constructed web requests and URI components disclose sensitive information (internal paths, endpoints, server details) via web responses. Affected product: eSOMS (v6.3.13 and pr...

CVE-2023-5516

Poorly constructed webap requests and URI components with special characters trigger unhandled errors and exceptions, disclosing information about the underlying technology and other sensitive information details. The website unintentionally reveals sensitive information including technical detai...

Project Worlds Online Examination System Input Validation Error Vulnerability

Project Worlds Online Examination System is an online examination system. Project Worlds Online Examination System v1.0 suffers from an input validation error vulnerability that stems from susceptibility to multiple open redirection vulnerabilities that allow an attacker to redirect a victim user...

The vulnerability of the Snow License Manager Service Provider Edition software, related to privilege management errors, allows a violator to gain unauthorized access to protected information.

The vulnerability of the Snow License Manager Service Provider Edition software-related license management software is related to privilege management errors. Exploiting this vulnerability allows an intruder to gain unauthorized access to protected information...

Advisory ROSA-SA-2023-2285

software: clamav 0.103.8 WASP: ROSA-CHROME packageevrstring: clamav-0.103.8-1.src.rpm CVE-ID: CVE-2022-20698 BDU-ID: 2022-00587 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the Clam AntiVirus software package is related to insufficient input validation. Exploitation of the vulnerability could...

The vulnerability of the Passkey Handler component in operating systems such as Apple iPadOS, MacOS, and iOS allows a hacker to disclose sensitive information that is protected by this component.

The vulnerability of the Passkey Handler component in Apple’s iPadOS, MacOS, and iOS operating systems is related to authentication errors. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information...