NVIDIA Jetson 缓冲区错误漏洞

NVIDIA Jetson is an embedded system development module from NVIDIA Corporation. The NVIDIA Jetson Linux Driver Package suffers from a buffer error vulnerability that stems from insufficient validation of untrusted data, which could be exploited by a local attacker to cause a memory buffer overflo...

GHSA-8M5Q-CRQQ-6PMF Unrestricted Upload of File with Dangerous Type in Apache Struts2

A local code execution issue exists in Apache Struts2 when processing malformed XSLT files, which could let a malicious user upload and execute arbitrary files. A patch exists as of version 2.5.22...

CVE-2022-1108

A potential vulnerability due to improper buffer validation in the SMI handler LenovoFlashDeviceInterface in Thinkpad X1 Fold Gen 1 could be exploited by an attacker with local access and elevated privileges to execute arbitrary code...

CVE-2022-23448

A vulnerability has been identified in SIMATIC Energy Manager Basic All versions V7.3 Update 1, SIMATIC Energy Manager PRO All versions V7.3 Update 1. Affected applications improperly assign permissions to critical directories and files used by the application processes. This could allow a local...

多款Qualcomm产品访问控制错误漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuits including primarily semiconductor devices, but also passive components, etc., and from time to time fabricated on the surface of semiconductor wafers. Access Control Error Vulnerability in Multiple Qualcomm...

CVE-2022-26419

Omron CX-Position versions 2.5.3 and prior is vulnerable to multiple stack-based buffer overflow conditions while parsing a specific project file, which may allow an attacker to locally execute arbitrary code...

USN-5357-1 linux, linux-aws, linux-azure-4.15, linux-dell300x, linux-hwe, linux-kvm, linux-snapdragon vulnerability

It was discovered that the IPsec implementation in the Linux kernel did not properly allocate enough memory when performing ESP transformations, leading to a heap-based buffer overflow. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

Linux kernel 缓冲区错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from a buffer overflow vulnerability that originates from not properly validating data boundaries when net/ipv4/esp4.c and net/ipv6/esp6.c perform...

PT-2022-08: Deserialization of untrusted data in Veeam Agent for Microsoft Windows

The vulnerability was identified in Veeam Agent for Windows versions 2.0, 2.1, 2.2, 3.0.2, 4.0, and 5.0. The discovered vulnerability allows local users to run arbitrary code with LOCAL SYSTEM privileges. Vulnerability status: Confirmed by vendor Date of vulnerability remediation: 12.03.2022...

CVE-2022-24346

In JetBrains IntelliJ IDEA before 2021.3.1, local code execution via RLO Right-to-Left Override characters was possible...

CVE-2022-24345

In JetBrains IntelliJ IDEA before 2021.2.4, local code execution without permission from a user upon opening a project was possible...

CVE-2022-24346

In JetBrains IntelliJ IDEA before 2021.3.1, local code execution via RLO Right-to-Left Override characters was possible...

CVE-2022-24345

In JetBrains IntelliJ IDEA before 2021.2.4, local code execution without permission from a user upon opening a project was possible...

CVE-2022-24345

In JetBrains IntelliJ IDEA before 2021.2.4, local code execution without permission from a user upon opening a project was possible...

CVE-2022-24346

In JetBrains IntelliJ IDEA before 2021.3.1, local code execution via RLO Right-to-Left Override characters was possible...

Code injection

In JetBrains IntelliJ IDEA before 2021.3.1, local code execution via RLO Right-to-Left Override characters was possible...

Code injection

In JetBrains IntelliJ IDEA before 2021.2.4, local code execution without permission from a user upon opening a project was possible...

CVE-2022-24346

In JetBrains IntelliJ IDEA before 2021.3.1, local code execution via RLO Right-to-Left Override characters was possible...

CVE-2022-24346

The CVE-2022-24346 issue affects JetBrains IntelliJ IDEA prior to 2021.3.1, where local code execution could be triggered via Right-to-Left Override (RLO) characters embedded in a project/file. Red Hat and NVD entries confirm the same description. Impact is defined as local code execution with pa...

CVE-2022-24345

In JetBrains IntelliJ IDEA before 2021.2.4, local code execution without permission from a user upon opening a project was possible...