CVE-2023-34312

In Tencent QQ through 9.7.8.29039 and TIM through 3.4.7.22084, QQProtect.exe and QQProtectEngine.dll do not validate pointers from inter-process communication, which leads to a write-what-where condition...

CVE-2023-34312

In Tencent QQ through 9.7.8.29039 and TIM through 3.4.7.22084, QQProtect.exe and QQProtectEngine.dll do not validate pointers from inter-process communication, which leads to a write-what-where condition...

Design/Logic Flaw

In Tencent QQ through 9.7.8.29039 and TIM through 3.4.7.22084, QQProtect.exe and QQProtectEngine.dll do not validate pointers from inter-process communication, which leads to a write-what-where condition...

Tencent QQ 安全漏洞

Tencent QQ is a multi-platform instant messaging software from China's Tencent. A local elevation of privilege vulnerability exists in Tencent QQ. The vulnerability is caused due to QQProtect.exe and QQProtectEngine.dll not validating pointers from inter-process communication, which can lead to a...

CVE-2023-34312

CVE-2023-34312 affects Tencent QQ (versions up to 9.7.8.29039) and TIM (up to 3.4.7.22084). The issue is a write-what-where condition caused by QQProtect.exe and QQProtectEngine.dll not validating pointers from inter-process communication, enabling a local breach with high impact in confidentiali...

CVE-2023-34312

In Tencent QQ through 9.7.8.29039 and TIM through 3.4.7.22084, QQProtect.exe and QQProtectEngine.dll do not validate pointers from inter-process communication, which leads to a write-what-where condition...

CVE-2023-34312

In Tencent QQ through 9.7.8.29039 and TIM through 3.4.7.22084, QQProtect.exe and QQProtectEngine.dll do not validate pointers from inter-process communication, which leads to a write-what-where condition...

kernel: ASoC: SOF: Intel: cnl: Do not process IPC reply before firmware boot

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: cnl: Do not process IPC reply before firmware boot It is not yet clear, but it is possible to create a firmware so broken that it will send a reply message before a FWREADY message it is not yet clear if FWREADY...

kernel: ASoC: SOF: Intel: cnl: Do not process IPC reply before firmware boot

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: cnl: Do not process IPC reply before firmware boot It is not yet clear, but it is possible to create a firmware so broken that it will send a reply message before a FWREADY message it is not yet clear if FWREADY...

Microsoft Windows ALPC 安全漏洞

Microsoft Windows ALPC is an inter-process communication tool for high-speed messaging from Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows ALPC. The following products and versions are affected:Windows Server 2019,Windows Server 2019 Server Core installation,Windo...

ABB Multiple System 800xA Products Incorrect Default Permissions (CVE-2020-8486)

Insufficient protection of the inter-process communication functions in ABB System 800xA RNRP all published versions enables an attacker authenticated on the local system to inject data, affect node redundancy handling. This plugin only works with Tenable.ot. Please visit...

ABB Multiple System 800xA Products Incorrect Default Permissions (CVE-2020-8487)

Insufficient protection of the inter-process communication functions in ABB System 800xA Base all published versions enables an attacker authenticated on the local system to inject data, affect node redundancy handling. This plugin only works with Tenable.ot. Please visit...

SUSE CVE-2010-1187

The Transparent Inter-Process Communication TIPC functionality in Linux kernel 2.6.16-rc1 through 2.6.33, and possibly other versions, allows local users to cause a denial of service kernel OOPS by sending datagrams through AFTIPC before entering network mode, which triggers a NULL pointer...

SUSE CVE-2011-3079

The Inter-process Communication IPC implementation in Google Chrome before 18.0.1025.168, as used in Mozilla Firefox before 38.0 and other products, does not properly validate messages, which has unspecified impact and attack vectors...

SUSE CVE-2013-2874

Google Chrome before 28.0.1500.71 on Windows, when an Nvidia GPU is used, allows remote attackers to bypass intended restrictions on access to screen data via vectors involving IPC transmission of GL textures...

SUSE CVE-2014-3188

Google Chrome before 38.0.2125.101 and Chrome OS before 38.0.2125.101 do not properly handle the interaction of IPC and Google V8, which allows remote attackers to execute arbitrary code via vectors involving JSON data, related to improper parsing of an escaped index by ParseJsonObject in...

SUSE CVE-2015-1295

Multiple use-after-free vulnerabilities in the PrintWebViewHelper class in components/printing/renderer/printwebviewhelper.cc in Google Chrome before 45.0.2454.85 allow user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact by triggering nested IPC...

SUSE CVE-2019-9799

Insufficient bounds checking of data during inter-process communication might allow a compromised content process to be able to read memory from the parent process under certain conditions. This vulnerability affects Firefox 66...

SUSE CVE-2020-5963

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the Inter Process Communication APIs, in which improper access control may lead to code execution, denial of service, or information disclosure...

SUSE CVE-2020-25654

An ACL bypass flaw was found in pacemaker. An attacker having a local account on the cluster and in the haclient group could use IPC communication with various daemons directly to perform certain tasks that they would be prevented by ACLs from doing if they went through the configuration...