324 matches found
Remote Code Execution
xwayland:sid is vulnerable to Remote Code Execution. The vulnerability due to changing XKB button actions such as moving from a touch pad to a mouse can result in out-of-bounds memory reads and writes. It allows an attacker execute malicious code in cases where X11 forwarding is involved...
CVE-2023-6377
A flaw was found in xorg-server. Querying or changing XKB button actions such as moving from a touchpad to a mouse can result in out-of-bounds memory reads and writes. This may allow local privilege escalation or possible remote code execution in cases where X11 forwarding is involved...
Out-of-bounds
A flaw was found in xorg-server. Querying or changing XKB button actions such as moving from a touchpad to a mouse can result in out-of-bounds memory reads and writes. This may allow local privilege escalation or possible remote code execution in cases where X11 forwarding is involved...
Rocky Linux 9 : libxml2 (RLSA-2022:5250)
The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:5250 advisory. - In libxml2 before 2.9.14, several buffer handling functions in buf.c xmlBuf and tree.c xmlBuffer don't check for integer overflows. This can result in...
Rocky Linux 8 : libxml2 (RLSA-2022:5317)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:5317 advisory. - In libxml2 before 2.9.14, several buffer handling functions in buf.c xmlBuf and tree.c xmlBuffer don't check for integer overflows. This can result in...
Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-20220304.10057)
The version of AHV installed on the remote host is prior to 20220304.10057. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-20220304.10057 advisory. - An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes...
Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-20220304.420)
The version of AHV installed on the remote host is prior to 20220304.420. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-20220304.420 advisory. - An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via...
The vulnerability of the bitwriter_grow_ function in the FLAC audio codec allows a hacker to execute arbitrary code.
The vulnerability of the bitwritergrow function in the FLAC audio codec is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
Amazon Linux 2 : firefox (ALASFIREFOX-2023-007)
The version of firefox installed on the remote host is prior to 102.8.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2023-007 advisory. firefox-esr , thunderbird and nss only are affected by this package. CVE-2023-0767 The Mozilla Foundation Security...
Apple macOS Ventura Security Vulnerability
Apple macOS Ventura is a desktop operating system from Apple Inc. in the United States. A security vulnerability exists in Apple macOS Ventura version 13.3, which stems from an application that could cause the system to unexpectedly terminate or write to kernel memory...
PT-2023-24813 · Arm +1 · Arm +1
Name of the Vulnerable Software and Affected Versions: Arm affected versions not specified Description: The issue arises from the arithmetics in the cache cleaning and invalidation helpers provided by Arm, which can overflow and result in skipping the cache cleaning/invalidation. This means there...
CVE-2023-20564
The CVE-2023-20564 entry concerns AMD Ryzen Master Driver IOCTL input validation. Connected sources detail vulnerable component AMDRyzenMasterDriverV17.sys and two IOCTLs: 0x81112F08 (physical memory read) and 0x81112F0C (physical memory write), with insufficient validation of addresses, sizes, a...
CVE-2023-20564
Insufficient validation in the IOCTL Input Output Control input buffer in AMD RyzenTM Master may permit a privileged attacker to perform memory reads and writes, potentially leading to a loss of confidentiality or arbitrary kernel execution. Mitigation Please contact AMD support for updates...
AMD Ryzen Master Input Validation Error Vulnerability
AMD Ryzen Master is a software tool from UltraMicroelectronics AMD for managing and tuning the performance of AMD Ryzen processors. A security vulnerability exists in AMD Ryzen Master that stems from inadequate input buffer validation, which could allow a privileged attacker to perform memory rea...
USN-6167-1: QEMU vulnerabilities
It was discovered that QEMU did not properly manage the guest drivers when shared buffers are not allocated. A malicious guest driver could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubunt...
MediaTek 芯片 缓冲区错误漏洞
MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in the wlan module of the MediaTek chips, which is caused by a lack of boundary checking and may result in out-of-bounds writes...
CVE-2023-0767
An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...
DEBIAN-CVE-2023-0767
An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...
Code injection
An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...
CVE-2023-0767
An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...