2569 matches found
CVE-2024-52338
Deserialization of untrusted data in IPC and Parquet readers in the Apache Arrow R package versions 4.0.0 through 16.1.0 allows arbitrary code execution. An application is vulnerable if it reads Arrow IPC, Feather or Parquet data from untrusted sources for example, user-supplied input files. This...
AZL-53471 CVE-2024-52338 affecting package libarrow for versions less than 15.0.0-7
Deserialization of untrusted data in IPC and Parquet readers in the Apache Arrow R package versions 4.0.0 through 16.1.0 allows arbitrary code execution. An application is vulnerable if it reads Arrow IPC, Feather or Parquet data from untrusted sources for example, user-supplied input files. This...
CVE-2024-52338 Apache Arrow R package: Arbitrary code execution when loading a malicious data file
Deserialization of untrusted data in IPC and Parquet readers in the Apache Arrow R package versions 4.0.0 through 16.1.0 allows arbitrary code execution. An application is vulnerable if it reads Arrow IPC, Feather or Parquet data from untrusted sources for example, user-supplied input files. This...
CVE-2024-8272
The com.uaudio.bsd.helper service, responsible for handling privileged operations, fails to implement critical client validation during XPC inter-process communication IPC. Specifically, the service does not verify the code requirements, entitlements, or security flags of any client attempting to...
CVE-2024-8272 macOS Universal Audio (UAConnect) <= 2.7.0 - Local Privilege Escalation
The com.uaudio.bsd.helper service, responsible for handling privileged operations, fails to implement critical client validation during XPC inter-process communication IPC. Specifically, the service does not verify the code requirements, entitlements, or security flags of any client attempting to...
CVE-2024-8272 macOS Universal Audio (UAConnect) <= 2.7.0 - Local Privilege Escalation
The com.uaudio.bsd.helper service, responsible for handling privileged operations, fails to implement critical client validation during XPC inter-process communication IPC. Specifically, the service does not verify the code requirements, entitlements, or security flags of any client attempting to...
The vulnerability of TP-Link TL-IPC42C IP camera’s microprogramming software is related to the lack of measures taken to neutralize special elements used in the operating system’s command set. This allows attackers to execute arbitrary code.
The vulnerability of TP-Link TL-IPC42C IP camera’s microprogramming software is related to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending specially crafted...
CVE-2024-11618
A vulnerability classified as critical was found in IPC Unigy Management System 04.03.00.08.0027. Affected by this vulnerability is an unknown functionality of the component HTTP Request Handler. The manipulation leads to server-side request forgery. The attack can be launched remotely. The explo...
CVE-2024-11618
Affects IPC Unigy Management System 04.03.00.08.0027; vulnerability in the HTTP Request Handler leading to server-side request forgery (SSRF). Exploitation can be remote and public details exist. The CVE describes a critical issue; multiple sources confirm remote exploitation with an exposed expl...
CVE-2024-11618 IPC Unigy Management System HTTP Request server-side request forgery
A vulnerability classified as critical was found in IPC Unigy Management System 04.03.00.08.0027. Affected by this vulnerability is an unknown functionality of the component HTTP Request Handler. The manipulation leads to server-side request forgery. The attack can be launched remotely. The explo...
IPC Unigy Management System 安全漏洞
IPC Unigy Management System is an integrated trading platform from IPC Inc. It is used to monitor, manage and maintain the trading communications infrastructure. A security vulnerability exists in IPC Unigy Management System version 04.03.00.08.0027. An attacker could exploit this vulnerability t...
CVE-2024-51330
An issue in UltiMaker Cura v.4.41 and 5.8.1 and before allows a local attacker to execute arbitrary code via Inter-process communication IPC mechanism between Cura application and CuraEngine processes, localhost network stack, printing settings and G-code processing and transmission components,...
CVE-2024-51330
An issue in UltiMaker Cura v.4.41 and 5.8.1 and before allows a local attacker to execute arbitrary code via Inter-process communication IPC mechanism between Cura application and CuraEngine processes, localhost network stack, printing settings and G-code processing and transmission components,...
CVE-2024-51330
CVE-2024-51330 affects UltiMaker Cura up to v4.41 and v5.8.1 and earlier, enabling a local attacker to execute arbitrary code via the Inter-process communication (IPC) between the Cura GUI and CuraEngine, the localhost network stack, and related printing/G-code components on Ultimaker 3D printers...
CVE-2024-51330
An issue in UltiMaker Cura v.4.41 and 5.8.1 and before allows a local attacker to execute arbitrary code via Inter-process communication IPC mechanism between Cura application and CuraEngine processes, localhost network stack, printing settings and G-code processing and transmission components,...
CVE-2024-34673
Improper Input Validation in IpcProtocol in Modem prior to SMR Nov-2024 Release 1 allows local attackers to cause Denial-of-Service...
CVE-2024-33030
Memory corruption while parsing IPC frequency table parameters for LPLH that has size greater than expected size...
CVE-2024-33030 Buffer Copy without Checking Size of Input (`Classic Buffer Overflow`) in Performance
Memory corruption while parsing IPC frequency table parameters for LPLH that has size greater than expected size...
CVE-2024-33030
Qualcomm chipsets with LPLH are affected by CVE-2024-33030. The issue is memory corruption caused by parsing IPC frequency table parameters when the input size is larger than expected. Impact is memory corruption (per the sources), with no public details on affected versions or a patch in the pro...
PT-2024-35621
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak issue has been resolved in the Linux kernel. The problem occurs when percpu memory allocation fails during the creation of a new IPC namespace, and the failure is not handl...