SUSE CVE-2021-3600

It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod operations. A local attacker could use this to possibly execute arbitrary code...

SUSE CVE-2022-1353

A vulnerability was found in the pfkeyregister function in net/key/afkey.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information...

Qualcomm 芯片资源管理错误漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way of miniaturizing circuits mainly semiconductor devices, but also passive components, etc., and is often fabricated on the surface of semiconductor wafers. A security vulnerability exists in the Qualcomm chip bt driver, which stems fr...

CVE-2023-23698

Dell Command | Update, Dell Update, and Alienware Update versions before 4.6.0 and 4.7.1 contain Insecure Operation on Windows Junction in the installer component. A local malicious user may potentially exploit this vulnerability leading to arbitrary file delete...

CVE-2022-34459

Dell Command | Update, Dell Update, and Alienware Update versions prior to 4.7 contain a improper verification of cryptographic signature in get applicable driver component. A local malicious user could potentially exploit this vulnerability leading to malicious payload execution...

PT-2023-12655 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-10 through Android-13 Description: The issue is related to a possible persistent denial of service DoS due to resource exhaustion in the AutomaticZenRule of AutomaticZenRule.java. This could lead to a local denial of...

ASB-A-204584366

In queue of UsbRequest.java, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2022-26472 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a possible out of bounds write in the EmbmsSessionData::encode function due to a missing bounds check. This could lead to local escalation of privilege, requiring System execution privileges...

CVE-2022-20597

In ppmpuset of ppmpu.c, there is a possible EoP due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243480506References: N...

CVE-2022-20502

In GetResolvedMethod of entrypointutils-inl.h, there is a possible use after free due to a stale cache. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID:...

CVE-2022-32628

In isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310780; Issue ID: ALPS07310780...

CVE-2022-32620

CVE-2022-32620 affects MediaTek’s mpu component, caused by a logic error that can cause memory corruption. This may enable local escalation of privilege to System level with no user interaction required. Patch ALPS07541753 (Issue ALPS07541753) is referenced; exploitation status is not detailed in...

PUB-A-246194233

In ufdtgetnodebypathlen of ufdtconvert.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation...

PUB-A-242702451

In authToken2AidlVec of KeyMintUtils.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

PUB-A-165329981

In l2capchanput of l2capcore, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

MiniDVBLinux 5.4 Remote Root Command Injection Vulnerability

Summary MiniDVBLinuxTM Distribution MLD. MLD offers a simple way to convert a standard PC into a Multi Media Centre based on the Video Disk Recorder VDR by Klaus Schmidinger. Features of this Linux based Digital Video Recorder: Watch TV, Timer controlled recordings, Time Shift, DVD and MP3 Replay...

CVE-2022-32488

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM...

PT-2022-21341 · Dell · Dell Bios

Name of the Vulnerable Software and Affected Versions: Dell BIOS affected versions not specified Description: The issue is related to improper input validation in Dell BIOS, which could be exploited by a local authenticated malicious user. This exploitation could potentially lead to arbitrary cod...

PT-2022-21344 · Dell · Dell Client Bios

Name of the Vulnerable Software and Affected Versions: Dell Client BIOS affected versions not specified Description: The issue is related to a Buffer Overflow. A local authenticated malicious user may potentially exploit this by manipulating an SMI to cause an arbitrary write during SMM...

PT-2022-21345 · Dell · Dell Bios

Name of the Vulnerable Software and Affected Versions: Dell BIOS affected versions not specified Description: The issue is related to an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code...