2569 matches found
PT-2025-18572 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak issue has been identified in the Linux kernel, specifically in the ipc pcie read bios cfg function. This function uses acpi evaluate dsm to obtain the wwan power state...
Rocky Linux 8 : thunderbird (RLSA-2022:0845)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:0845 advisory. - It may be possible for an attacker to craft an email message that causes Thunderbird to perform an out-of- bounds write of one byte when processing th...
OSV-2023-1088 Heap-buffer-overflow in arrow::Status arrow::Result<std::__1::unique_ptr<arrow::Buffer, std::__1::defaul
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=63679 Crash type: Heap-buffer-overflow WRITE 8 Crash state: arrow::Status arrow::Resultstd::1::uniqueptrarrow::Buffer, std::1::defaul arrow::ipc::ArrayLoader::GetBuffer arrow::ipc::ArrayLoader::Visit...
CVE-2023-28796 IPC Bypass Through PLT Section in ELF
Improper Verification of Cryptographic Signature vulnerability in Zscaler Client Connector on Linux allows Code Injection. This issue affects Zscaler Client Connector for Linux: before 1.3.1.6...
CVE-2023-28796 IPC Bypass Through PLT Section in ELF
Improper Verification of Cryptographic Signature vulnerability in Zscaler Client Connector on Linux allows Code Injection. This issue affects Zscaler Client Connector for Linux: before 1.3.1.6...
Exploit for Improper Authentication in Dahuasecurity Ipc-Hum7Xxx_Firmware
CVE-2021-33044 Dahua IPC/VTH/VTO devices auth bypass exploit...
PT-2023-7331 · Google +5 · Mojo Ipc +6
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 119.0.6045.199 Microsoft Edge versions affected versions not specified Description: The issue is related to a use after free vulnerability in the Mojo IPC library, which can be exploited by a remote attacker to...
Ubuntu 16.04 LTS / 18.04 LTS : Firefox vulnerability (USN-4032-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4032-1 advisory. It was discovered that a sandboxed child process could open arbitrary web content in the parent process via the Prompt:Open IPC message. When combined...
OESA-2023-1712 firefox security update
Mozilla Firefox is a standalone web browser, designed for standards compliance and performance. Its functionality can be enhanced via a plethora of extensions. Security Fixes: When receiving rendering data over IPC mStream could have been destroyed when initialized, which could have led to a...
OESA-2023-1715 firefox security update
Mozilla Firefox is a standalone web browser, designed for standards compliance and performance. Its functionality can be enhanced via a plethora of extensions. Security Fixes: When receiving rendering data over IPC mStream could have been destroyed when initialized, which could have led to a...
An analysis of an in-the-wild iOS Safari WebContent to GPU Process exploit
By Ian Beer A graph representation of the sandbox escape NSExpression payload In April this year Google's Threat Analysis Group, in collaboration with Amnesty International, discovered an in-the-wild iPhone zero-day exploit chain being used in targeted attacks delivered via malicious link. The...
Slackware Linux 15.0 / current samba Multiple Vulnerabilities (SSA:2023-284-03)
The version of samba installed on the remote host is prior to 4.18.8 / 4.19.1. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-284-03 advisory. - The SMB 1/2/3 protocols allow clients to connect to named pipes via the IPC$ Inter-Process Communication share for...
smbd allows client access to unix domain sockets
Description The SMB 1/2/3 protocols allow clients to connect to named pipes via the IPC$ Inter-Process Communication share for the process of inter-process communication between SMB clients and servers. Since Samba 4.16.0, Samba internally connects client pipe names to unix domain sockets within ...
RLSA-2023:4954 Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.15.0. Security Fixes: Mozilla: Memory corruption in IPC CanvasTranslator CVE-2023-4573 Mozilla: Memory corruption in IPC ColorPickerShownCallback CVE-2023-4574 Mozilla: Memory corruption...
Amazon Linux 2 : firefox (ALASFIREFOX-2023-014)
The version of firefox installed on the remote host is prior to 102.15.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2023-014 advisory. Memory corruption in IPC CanvasTranslator CVE-2023-4573 Memory corruption in IPC ColorPickerShownCallback...
CVE-2023-0627
Docker Desktop 4.11.x allows --no-windows-containers flag bypass via IPC response spoofing which may lead to Local Privilege Escalation LPE.This issue affects Docker Desktop: 4.11.X...
Design/Logic Flaw
Docker Desktop 4.11.x allows --no-windows-containers flag bypass via IPC response spoofing which may lead to Local Privilege Escalation LPE.This issue affects Docker Desktop: 4.11.X...
CVE-2023-0627 Docker Desktop 4.11.x allows --no-windows-containers flag bypass
Docker Desktop 4.11.x allows --no-windows-containers flag bypass via IPC response spoofing which may lead to Local Privilege Escalation LPE.This issue affects Docker Desktop: 4.11.X...
CVE-2023-0627 Docker Desktop 4.11.x allows --no-windows-containers flag bypass
Docker Desktop 4.11.x allows --no-windows-containers flag bypass via IPC response spoofing which may lead to Local Privilege Escalation LPE.This issue affects Docker Desktop: 4.11.X...
CVE-2023-0627
Docker Desktop 4.11.x is affected by CVE-2023-0627 due to IPC response spoofing that bypasses the --no-windows-containers flag, enabling Local Privilege Escalation. The root cause is spoofed IPC responses within Docker Desktop, which can let a local attacker escalate privileges. The available ref...