PT-2022-7159 · Parallels · Parallels Desktop

Name of the Vulnerable Software and Affected Versions: Parallels Desktop affected versions not specified Description: This issue allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code ...

vim: Fix of 2 CVEs

CVE-2022-4141: check for text locked in CTRL-W gf - CVE-2022-3520: check that the column does not become negative...

LPDA.sol and FixedPrice.sol will lock the funds forever

Lines of code Vulnerability details Impact Possibility of IDs collision The ether will be locked on FixedPrice or LPDA Proof of Concept On the same Escher721 Let’s say the first collection start from id = 0 and end on id = 10 So the next collection of the same Escher721 We can say the next part o...

CVE-2022-42775

In camera driver, there is a possible memory corruption due to improper locking. This could lead to local denial of service in kernel...

CVE-2022-42775

In camera driver, there is a possible memory corruption due to improper locking. This could lead to local denial of service in kernel...

CVE-2022-39131

In camera driver, there is a possible memory corruption due to improper locking. This could lead to local denial of service in kernel...

Memory corruption

In camera driver, there is a possible memory corruption due to improper locking. This could lead to local denial of service in kernel...

Memory corruption

In camera driver, there is a possible memory corruption due to improper locking. This could lead to local denial of service in kernel...

Open Source Ransomware Toolkit Cryptonite Turns Into Accidental Wiper Malware

A version of an open source ransomware toolkit called Cryptonite has been observed in the wild with wiper capabilities due to its "weak architecture and programming." Cryptonite, unlike other ransomware strains, is not available for sale on the cybercriminal underground, and was instead offered f...

UNISOC chipset 安全漏洞

UNISOC chipset is an integrated circuit chipset from China's Zilight Zhanrui UNISOC. A security vulnerability exists in the UNISOC chipset, which stems from an improper locking of its camera driver that may result in memory corruption leading to a local denial of service in the kernel...

CVE-2022-39131

The CVE-2022-39131 entry concerns a memory corruption issue in a camera driver caused by improper locking, leading to local denial of service in the kernel. The affected component is described as the camera driver (no specific vendor/model in the provided documents). The root cause is improper sy...

CVE-2022-42775

CVE-2022-42775 involves the UNISOC camera driver, where improper locking can cause memory corruption and a local kernel denial of service. Concrete details across connected sources reiterate the vulnerability class but do not specify affected products/versions or a confirmed remediation. In summa...

PT-2024-11847 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a crash when replugging CSR fake controllers in the Linux kernel's Bluetooth component. It seems that fake CSR 5.0 clones can cause the suspend notifier to be...

PUB-A-165329981

In l2capchanput of l2capcore, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

ASB-A-252950986

In camera driver, there is a possible memory corruption due to improper locking. This could lead to local denial of service in kernel...

libvirt security, bug fix, and enhancement update

8.5.0-7.0.1 - Set SOURCEDATEEPOCH from changelog Orabug: 32019554 8.5.0-7 - securityselinux: Dont ignore NVMe disks when setting image label rhbz2121441 8.5.0-6 - qemuprocess: Destroy domains namespace after killing QEMU rhbz2121141 8.5.0-5 - rpc: Pass OPENSSLCONF through to ssh invocations...

Exploit for Use After Free in Linux Linux_Kernel

CVE-2022-2602 This repository contain...

MariaDB 10.2.0 < 10.2.15 Multiple Vulnerabilities

The version of MariaDB installed on the remote host is prior to 10.2.15. It is, therefore, affected by multiple vulnerabilities as referenced in the 10.2.15 advisory. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 5.6.3...

MariaDB 10.0.0 < 10.0.1 Multiple Vulnerabilities

The version of MariaDB installed on the remote host is prior to 10.0.1. It is, therefore, affected by multiple vulnerabilities as referenced in the 10.0.1 advisory. - Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows local users t...

MariaDB 10.1.0 < 10.1.33 Multiple Vulnerabilities

The version of MariaDB installed on the remote host is prior to 10.1.33. It is, therefore, affected by multiple vulnerabilities as referenced in the 10.1.33 advisory. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 5.6.3...