145 matches found
Input validation
A CWE-129: Improper Validation of Array Index vulnerability exists that could cause local denial-of-service, and potentially kernel execution when a malicious actor with local user access crafts a script/program using an unpredictable index to an IOCTL call in the Foxboro.sys driver...
CVE-2023-2570
CVE-2023-2570 involves an Improper Validation of Array Index in the Foxboro.sys driver IOCTL handling, leading to local denial-of-service and potential kernel execution. Root cause: incorrect validation of an array index. Affected product context appears to be Schneider Electric EcoStruxure Foxbo...
CVE-2023-2570
A CWE-129: Improper Validation of Array Index vulnerability exists that could cause local denial-of-service, and potentially kernel execution when a malicious actor with local user access crafts a script/program using an unpredictable index to an IOCTL call in the Foxboro.sys driver...
CVE-2023-2569
CVE-2023-2569 affects Schneider Electric EcoStruxure Foxboro DCS components, with the Foxboro.sys driver exposing an Out-of-Bounds Write via an IOCTL call. The concrete root cause described across sources is a boundary/array bound error while handling untrusted input, enabling a local attacker wi...
CVE-2023-2569
A CWE-787: Out-of-Bounds Write vulnerability exists that could cause local denial-of-service, elevation of privilege, and potentially kernel execution when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver...
PT-2023-3076 · Unknown · Foxboro.Sys
Name of the Vulnerable Software and Affected Versions: Foxboro.sys driver affected versions not specified Description: A CWE-787: Out-of-Bounds Write issue exists that could cause local denial-of-service, elevation of privilege, and potentially kernel execution when a malicious actor with local...
PT-2023-3636 · Apple · Macos Ventura +5
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 16.5 iPadOS versions prior to 16.5 watchOS versions prior to 9.5 tvOS versions prior to 16.5 macOS Ventura versions prior to 13.4 Description: A type confusion issue was addressed with improved checks, which may allow an...
SUSE CVE-2021-38300
arch/mips/net/bpfjit.c in the Linux kernel before 5.4.10 can generate undesirable machine code when transforming unprivileged cBPF programs, allowing execution of arbitrary code within the kernel context. This occurs because conditional branches can exceed the 128 KB limit of the MIPS architectur...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-2932)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
kernel: LoadPin bypass via dm-verity table reload
A flaw was found in the Linux kernel. Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module and firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch out...
CVE-2022-32940
The issue was addressed with improved bounds checks. This issue is fixed in tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. An app may be able to execute arbitrary code with kernel privileges...
PT-2022-21591 · Apple · Apple Macos
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 11.7 macOS versions prior to 12.6 macOS versions prior to 13 Description: The issue was addressed with improved memory handling. A remote user may be able to cause kernel code execution. Recommendations: For macOS...
CVE-2022-2503
Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch out the target with an equivalent dm-linear...
CVE-2022-2503
Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch out the target with an equivalent dm-linear...
UBUNTU-CVE-2022-2503
Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch out the target with an equivalent dm-linear...
CVE-2022-2503 Linux Kernel LoadPin bypass via dm-verity table reload
Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch out the target with an equivalent dm-linear...
CVE-2022-2503
Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch out the target with an equivalent dm-linear...
Corel Parallels Desktop 安全漏洞
Corel Parallels Desktop is a suite of virtual machine software for the macOS platform from Corel Canada. A security vulnerability exists in Corel Parallels Desktop version 17.1.1 51537, which stems from a vulnerability that allows a local attacker to disclose sensitive information on an affected...
CVE-2022-26756
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. An application may be able to execute arbitrary code with kernel privileges...
Missing validation results in undefined behavior in `SparseTensorDenseAdd
Impact The implementation of tf.rawops.SparseTensorDenseAdd does not fully validate the input arguments: python import tensorflow as tf aindices = tf.constant0, shape=17, 2, dtype=tf.int64 avalues = tf.constant, shape=0, dtype=tf.float32 ashape = tf.constant6, 12, shape=2, dtype=tf.int64 b =...