Mozilla: Memory corruption in IPC ColorPickerShownCallback

The Mozilla Foundation Security Advisory describes this flaw as: When creating a callback over IPC for showing the Color Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. This could...

Mozilla: Memory corruption in IPC ColorPickerShownCallback

The Mozilla Foundation Security Advisory describes this flaw as: When creating a callback over IPC for showing the Color Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. This could...

Mozilla Firefox 资源管理错误漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from a code issue vulnerability that stems from a potentially exploitable crash that can be exploited by an attacker to cause a use-after-release when receiving rendered data vi...

Mozilla Firefox 资源管理错误漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation. Mozilla Firefox suffers from a resource management error vulnerability that stems from the fact that when creating a callback to display a color picker window via IPC, multiple identical callbacks may be created...

[SECURITY] Fedora 38 Update: libqb-2.0.8-1.fc38

A "Quite Boring" library that provides high-performance, reusable features fo r client-server architecture, such as logging, tracing, inter-process communication IPC, and polling...

Tencent QQ Local Elevation of Privilege Vulnerability

Tencent QQ is a multi-platform instant messaging software from China's Tencent. A local elevation of privilege vulnerability exists in Tencent QQ. The vulnerability is caused due to QQProtect.exe and QQProtectEngine.dll not validating pointers from inter-process communication, which can lead to a...

CVE-2023-34312

In Tencent QQ through 9.7.8.29039 and TIM through 3.4.7.22084, QQProtect.exe and QQProtectEngine.dll do not validate pointers from inter-process communication, which leads to a write-what-where condition...

CVE-2023-34312

In Tencent QQ through 9.7.8.29039 and TIM through 3.4.7.22084, QQProtect.exe and QQProtectEngine.dll do not validate pointers from inter-process communication, which leads to a write-what-where condition...

Design/Logic Flaw

In Tencent QQ through 9.7.8.29039 and TIM through 3.4.7.22084, QQProtect.exe and QQProtectEngine.dll do not validate pointers from inter-process communication, which leads to a write-what-where condition...

CVE-2023-34312

CVE-2023-34312 affects Tencent QQ (versions up to 9.7.8.29039) and TIM (up to 3.4.7.22084). The issue is a write-what-where condition caused by QQProtect.exe and QQProtectEngine.dll not validating pointers from inter-process communication, enabling a local breach with high impact in confidentiali...

Tencent QQ 安全漏洞

Tencent QQ is a multi-platform instant messaging software from China's Tencent. A local elevation of privilege vulnerability exists in Tencent QQ. The vulnerability is caused due to QQProtect.exe and QQProtectEngine.dll not validating pointers from inter-process communication, which can lead to a...

CVE-2023-34312

In Tencent QQ through 9.7.8.29039 and TIM through 3.4.7.22084, QQProtect.exe and QQProtectEngine.dll do not validate pointers from inter-process communication, which leads to a write-what-where condition...

CVE-2023-34312

In Tencent QQ through 9.7.8.29039 and TIM through 3.4.7.22084, QQProtect.exe and QQProtectEngine.dll do not validate pointers from inter-process communication, which leads to a write-what-where condition...

kernel: ASoC: SOF: Intel: cnl: Do not process IPC reply before firmware boot

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: cnl: Do not process IPC reply before firmware boot It is not yet clear, but it is possible to create a firmware so broken that it will send a reply message before a FWREADY message it is not yet clear if FWREADY...

kernel: ASoC: SOF: Intel: cnl: Do not process IPC reply before firmware boot

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: cnl: Do not process IPC reply before firmware boot It is not yet clear, but it is possible to create a firmware so broken that it will send a reply message before a FWREADY message it is not yet clear if FWREADY...

Microsoft Windows ALPC 安全漏洞

Microsoft Windows ALPC is an inter-process communication tool for high-speed messaging from Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows ALPC. The following products and versions are affected:Windows Server 2019,Windows Server 2019 Server Core installation,Windo...

ABB Multiple System 800xA Products Incorrect Default Permissions (CVE-2020-8486)

Insufficient protection of the inter-process communication functions in ABB System 800xA RNRP all published versions enables an attacker authenticated on the local system to inject data, affect node redundancy handling. This plugin only works with Tenable.ot. Please visit...

ABB Multiple System 800xA Products Incorrect Default Permissions (CVE-2020-8487)

Insufficient protection of the inter-process communication functions in ABB System 800xA Base all published versions enables an attacker authenticated on the local system to inject data, affect node redundancy handling. This plugin only works with Tenable.ot. Please visit...

SUSE CVE-2010-1187

The Transparent Inter-Process Communication TIPC functionality in Linux kernel 2.6.16-rc1 through 2.6.33, and possibly other versions, allows local users to cause a denial of service kernel OOPS by sending datagrams through AFTIPC before entering network mode, which triggers a NULL pointer...

SUSE CVE-2011-3079

The Inter-process Communication IPC implementation in Google Chrome before 18.0.1025.168, as used in Mozilla Firefox before 38.0 and other products, does not properly validate messages, which has unspecified impact and attack vectors...