EUVD-2024-43132

Malicious code in bioql PyPI...

EUVD-2022-33618

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2020-6796

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A content process could have modified shared memory relating to crash reporting information, crash itself, and cause an out-of-bound write. This could have caus...

GNU GRUB Out-of-Bounds Write Vulnerability

GNU GRUB is a Linux system boot program from the GNU community. GNU GRUB suffers from an out-of-bounds write vulnerability, which stems from an unvalidated UFS symbolic link length, that can be exploited by attackers to inject malicious code and tamper with critical data in memory...

Important: nvidia-driver

Issue Overview: NVIDIA Display Driver for Linux and Windows contains a vulnerability in the kernel mode driver, where an attacker could access memory outside bounds permitted under normal use cases. A successful exploit of this vulnerability might lead to denial of service, data tampering, or...

CVE-2025-27021

The misconfiguration in the sudoers configuration of the operating system in Infinera G42 version R6.1.3 allows low privileged OS users to read/write physical memory via devmem command line tool. This could allow sensitive information disclosure, denial of service, and privilege escalation by...

CVE-2024-48918

RDS Light is a simplified version of the Reflective Dialogue System RDS, a self-reflecting AI framework. Versions prior to 1.1.0 contain a vulnerability that involves a lack of input validation within the RDS AI framework, specifically within the user input handling code in the main module main.p...

CVE-2024-8937

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause a potential arbitrary code execution after a successful Man-In-The Middle attack followed by sending a crafted Modbus function call to tamper with memory area involved in the...

CVE-2023-5410

A potential security vulnerability has been reported in the system BIOS of certain HP PC products, which might allow memory tampering. HP is releasing mitigation for the potential vulnerability...

CVE-2023-52080

IEIT NF5280M6 UEFI firmware through 8.4 has a pool overflow vulnerability, caused by improper use of the gRT-GetVariable function. Attackers with access to local NVRAM variables can exploit this by modifying these variables on SPI Flash, resulting in memory data being tampered with. When critical...

CVE-2022-29278

Incorrect pointer checks within the NvmExpressDxe driver can allow tampering with SMRAM and OS memory Incorrect pointer checks within the NvmExpressDxe driver can allow tampering with SMRAM and OS memory. This issue was discovered by Insyde during security review. Fixed in: Kernel 5.1: Version...

CVE-2022-29275

In UsbCoreDxe, untrusted input may allow SMRAM or OS memory tampering Use of untrusted pointers could allow OS or SMRAM memory tampering leading to escalation of privileges. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.21 Kernel 5.1: versi...

GNU GRUB 安全漏洞

GNU GRUB is a Linux system boot program from the GNU community. GNU GRUB suffers from an out-of-bounds write vulnerability, which stems from an unvalidated UFS symbolic link length, that can be exploited by attackers to inject malicious code and tamper with critical data in memory...

CVE-2024-8938

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause a potential arbitrary code execution after a successful Man-In-The-Middle attack followed by sending a crafted Modbus function call to tamper with memory area involved in memory...

CVE-2024-8936

CWE-20: Improper Input Validation vulnerability exists that could lead to loss of confidentiality of controller memory after a successful Man-In-The-Middle attack followed by sending a crafted Modbus function call used to tamper with memory...

CVE-2024-8936

The CVE-2024-8936 issue affects Schneider Electric Modicon M340 family devices (including M340, MC80, Momentum Unity M1E) via an improper input validation in the Modbus handling. The root cause is insufficient input validation that enables a MITM scenario, after which a crafted Modbus function ca...

CVE-2024-8936

CWE-20: Improper Input Validation vulnerability exists that could lead to loss of confidentiality of controller memory after a successful Man-In-The-Middle attack followed by sending a crafted Modbus function call used to tamper with memory...

CVE-2024-8937

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause a potential arbitrary code execution after a successful Man-In-The Middle attack followed by sending a crafted Modbus function call to tamper with memory area involved in the...

PT-2024-9212 · Schneider Electric · Modicon M340 Cpu Bmxp34

Name of the Vulnerable Software and Affected Versions: Schneider Electric Modicon M340 CPU BMXP34 affected versions not specified Description: The issue is related to insufficient input validation in the Modbus protocol implementation of the Schneider Electric Modicon M340 CPU BMXP34 programmable...

CVE-2024-48918

RDS Light is a simplified version of the Reflective Dialogue System RDS, a self-reflecting AI framework. Versions prior to 1.1.0 contain a vulnerability that involves a lack of input validation within the RDS AI framework, specifically within the user input handling code in the main module main.p...