4312 matches found
Google Pixel 安全漏洞
Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from a security vulnerability that stems from improper locking and could lead to reuse after release...
ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
A use-after-free flaw was found in sndctlelemread in sound/core/control.c in Advanced Linux Sound Architecture ALSA subsystem in the Linux kernel. In this flaw a normal privileged, local attacker may impact the system due to a locking issue in the compat path, leading to a kernel information leak...
Medium: kernel
Issue Overview: A flaw was found in the Linux kernel's Layer 2 Tunneling Protocol L2TP. A missing lock when clearing skuserdata can lead to a race condition and NULL pointer dereference. A local user could use this flaw to potentially crash the system causing a denial of service. CVE-2022-4129 A...
Potential Risk of Accidentally Minting Tokens to Incorrect Accounts
Lines of code Vulnerability details Impact 1. the Intended recipient of the tokens might not receive them, which could lead to a loss of funds or a delay in the intended use of the tokens 2. incorrect account holder could receive the tokens by mistake, leading to a discrepancy in the total token...
ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
A use-after-free flaw was found in sndctlelemread in sound/core/control.c in Advanced Linux Sound Architecture ALSA subsystem in the Linux kernel. In this flaw a normal privileged, local attacker may impact the system due to a locking issue in the compat path, leading to a kernel information leak...
CVE-2023-20623
In ion, there is a possible escalation of privilege due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07559778; Issue ID: ALPS07559778...
CVE-2023-20623
In ion, there is a possible escalation of privilege due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07559778; Issue ID: ALPS07559778...
Privilege escalation
In ion, there is a possible escalation of privilege due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07559778; Issue ID: ALPS07559778...
CVE-2023-20623
In ion, there is a possible escalation of privilege due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07559778; Issue ID: ALPS07559778...
MediaTek 芯片 安全漏洞
MediaTek chips are a variety of chips from MediaTek, a Chinese company called MediaTek. A security vulnerability exists in the ion module of the MediaTek chips, which stems from incorrect locking and may result in privilege escalation...
CVE-2023-20623
In ion, there is a possible escalation of privilege due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07559778; Issue ID: ALPS07559778...
CVE-2023-20623
CVE-2023-20623 affects the Ion component in MediaTek-based systems. Root cause is improper locking that allows local privilege escalation without extra execution privileges and with no user interaction required. The CVSS metrics indicate a local attack vector, high complexity, and high privileges...
Parallels Desktop Toolgate Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgat...
PT-2023-17492 · Ion · Ion
Name of the Vulnerable Software and Affected Versions: ion affected versions not specified Description: The issue is related to a possible escalation of privilege due to improper locking in ion. This could lead to local escalation of privilege with no additional execution privileges needed. User...
CVE-2022-39228 Observable Response Discrepancy in vantage6
vantage6 is a privacy preserving federated learning infrastructure for secure insight exchange. vantage6 does not inform the user of wrong username/password combination if the username actually exists. This is an attempt to prevent bots from obtaining usernames. However, if a wrong password is...
ASB-A-264209787
In ion, there is a possible escalation of privilege due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
PUB-A-194783918
In MediaCodec.cpp, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-20939
In multiple functions of looperbackedeventloop.cpp, there is a possible way to corrupt memory due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
Input validation
In multiple functions of looperbackedeventloop.cpp, there is a possible way to corrupt memory due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2023-20939
In multiple functions of looperbackedeventloop.cpp, there is a possible way to corrupt memory due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...