CVE-2023-52516

In the Linux kernel, the following vulnerability has been resolved: dma-debug: don't call dmaentryalloccheckleak under freeentrieslock dmaentryalloccheckleak calls into printk - serial console output qcom geni and grabs port-lock under freeentrieslock spin lock, which is a reverse locking...

Authorization

Lobe Chat is a chatbot framework that supports speech synthesis, multimodal, and extensible Function Call plugin system. When the application is password-protected deployed with the ACCESSCODE option, it is possible to access plugins without proper authorization without password. This vulnerabili...

CVE-2024-24566 Lobe Chat unauthorized access to plugins

Lobe Chat is a chatbot framework that supports speech synthesis, multimodal, and extensible Function Call plugin system. When the application is password-protected deployed with the ACCESSCODE option, it is possible to access plugins without proper authorization without password. This vulnerabili...

CVE-2024-24566 Lobe Chat unauthorized access to plugins

Lobe Chat is a chatbot framework that supports speech synthesis, multimodal, and extensible Function Call plugin system. When the application is password-protected deployed with the ACCESSCODE option, it is possible to access plugins without proper authorization without password. This vulnerabili...

addRewardToken() does note remove old entries before adding new ones

Lines of code 455, 280, 378, 411 Vulnerability details Each time addRewardToken is called, new entries are added to the array, but doing so does not remove any old entries. By calling the function multiple times, an attacker can can increase their voting power indefinitely, without having to...

SUSE SLES12 Security Update : poppler (SUSE-SU-2023:4546-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4546-1 advisory. - An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc...

kernel: bpf: Fix memory leaks in __check_func_call

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix memory leaks in checkfunccall kmemleak reports this issue: unreferenced object 0xffff88817139d000 size 2048: comm "testprogs", pid 33246, jiffies 4307381979 age 45851.820s hex dump first 32 bytes: 01 00 00 00 00 00 00 00...

CVE-2023-38546

This flaw allows an attacker to insert cookies at will into a running program using libcurl, if the specific series of conditions are met. libcurl performs transfers. In its API, an application creates "easy handles" that are the individual handles for single transfers. libcurl provides a functio...

Functions can be called directly externally

Lines of code Vulnerability details Impact @dev This exists as a standalone contract but will only ever contain proxy code, not state. As such it should never be called directly or externally, and should only be invoked with DELEGATECALL so that it operates on the contract state within the primar...

No zero address check in PrimeLiquidityProvider.sol:sweepTokens

Lines of code Vulnerability details Impact Possible loss of funds due to sending them to the address0, the developer's assumption is that safeTransfer is checking for to not being the address0. In reality, it doesn’t implement such a check and we can see from the implementation of the function:...

Malicious code in aliyun-oss2 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 8c33f6b28da216b43120a3b8a8537d0263dc1eb2b22979a4183b371ff57b9e0b Malicious Typosquatting packages campaign targeting developers, steals cloud service credentials Source: google-open-source-security...

Design/Logic Flaw

In the function call related to CAMREQMGRRELEASEBUF there is no check if the buffer is being used. So when a function called cammemgetcpubuf to get the kernel va to use, another thread can call CAMREQMGRRELEASEBUF to unmap the kernel va which cause UAF of the kernel address...

CVE-2023-28577

CVE-2023-28577 describes a kernel-use-after-free (UAF) condition in Qualcomm components where, during CAM_REQ_MGR_RELEASE_BUF, a check is not performed to verify whether the buffer is still in use. If a thread calls cam_mem_get_cpu_buf to retrieve a kernel virtual address (VA) and another thread ...

The vulnerabilities of SAP NetWeaver AS ABAP and SAP NetWeaver ABAP software integration platforms are related to deficiencies in authentication procedures. These deficiencies allow attackers to circumvent security restrictions, enhance their privileges, and gain unauthorized access to protected information.

The vulnerability of SAP NetWeaver AS ABAP and SAP NetWeaver ABAP integration platforms is related to deficiencies in the authentication process due to incorrect processing of user information via RFC messages, thereby compromising the security between SAP systems. Exploiting this vulnerability...

CVE-2023-29414

A CWE-120: Buffer Copy without Checking Size of Input Classic Buffer Overflow vulnerability exists that could cause user privilege escalation if a local user sends specific string input to a local function call...

Buffer overflow

A CWE-120: Buffer Copy without Checking Size of Input Classic Buffer Overflow vulnerability exists that could cause user privilege escalation if a local user sends specific string input to a local function call...

CVE-2023-29414

A CWE-120: Buffer Copy without Checking Size of Input Classic Buffer Overflow vulnerability exists that could cause user privilege escalation if a local user sends specific string input to a local function call...

CVE-2023-29414

A CWE-120: Buffer Copy without Checking Size of Input Classic Buffer Overflow vulnerability exists that could cause user privilege escalation if a local user sends specific string input to a local function call...

gRPC 安全漏洞

gRPC is a modern, open-source, high-performance Remote Procedure Call RPC framework from gRPC Open Source. A security vulnerability exists in gRPC, which stems from the ability to call abort functions via http2...

CVE-2023-28367

Cross-site scripting vulnerability in CTA post function of VK All in One Expansion Unit 9.88.1.0 and earlier allows a remote authenticated attacker to inject an arbitrary script...