CVE-2024-57952

CVE-2024-57952 affects the Linux kernel through a revert of the libfs offset-dir fix, restoring prior behavior that could hide directory entries when the offset allocator wraps. Public docs in the SUSE/OpenSUSE advisories note this as a fix delivered via kernel updates (openSUSE-SU-2025-20081-1) ...

CVE-2024-41019

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Validate ff offset This adds sanity checks for ff offset. There is a check on rt-firstfree at first, but walking through by ff without any check. If the second ff is a large offset. We may encounter an out-of-bound read...

CVE-2024-36884

In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: Use the correct type in nvidiasmmucontextfault This was missed because of the function pointer indirection. nvidiasmmucontextfault is also installed as a irq function, and the 'void ' was changed to a struct...

CakePHP SQL注入漏洞

CakePHP is the U.S. CAKE Foundation of a MVC-based architecture , open source Web development framework. The framework has flexible view caching, automatic generation of CRUD code and other features. CakePHP suffers from an SQL injection vulnerability that stems from the CakeDatabaseQuery::limit...

CVE-2022-33193

Four OS command injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A XCMD can lead to arbitrary command execution. An attacker can send a sequence of malicious commands to trigger these vulnerabilities.This...

Design/Logic Flaw

An attacker can craft a specific IdaPro .i64 file that will cause the BinDiff plugin to load an invalid memory offset. This can allow the attacker to control the instruction pointer and execute arbitrary code. It is recommended to upgrade BinDiff 7...

CVE-2020-27483

Garmin Forerunner 235 before 8.20 is affected by: Array index error. The component is: ConnectIQ TVM. The attack vector is: To exploit the vulnerability, the attacker must upload a malicious ConnectIQ application to the ConnectIQ store. The ConnectIQ program interpreter trusts the offset provided...

Google Android Qualcomm Component Out-of-Range Pointer Offset Vulnerability

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA in the U.S. Qualcomm is one of the Qualcomm components used in Qualcomm devices. An out-of-range pointer offset vulnerability exists in the Google Android Qualcomm component. An...

UBUNTU-CVE-2017-9924

In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote attackers to execute arbitrary code or cause a denial of service via a crafted file, related to a "User Mode Write AV starting at image0000000000400000+0x000000000001b72a."...

CVE-2014-9929

CVE-2014-9929 refers to a Use of Out-of-range Pointer Offset vulnerability in WCDMA for Android CAF builds using the Linux kernel. Public entries describe the root cause as an out-of-range pointer offset (with at least one linked source labeling the issue as a Null pointer dereference). The vulne...

CVE-2011-0664

Microsoft .NET Framework 2.0 SP1 and SP2, 3.5 Gold and SP1, 3.5.1, and 4.0, and Silverlight 4 before 4.0.60531.0, does not properly validate arguments to unspecified networking API functions, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application aka XBAP...

CVE-2010-2867

DIRAPIX.dll in Adobe Shockwave Player before 11.5.8.612 does not properly handle a certain return value associated with the rcsL chunk in a Director movie, which allows remote attackers to cause a denial of service heap memory corruption or execute arbitrary code via a crafted movie, related to a...

Null pointer dereference

DIRAPIX.dll in Adobe Shockwave Player before 11.5.8.612 does not properly handle a certain return value associated with the rcsL chunk in a Director movie, which allows remote attackers to cause a denial of service heap memory corruption or execute arbitrary code via a crafted movie, related to a...

iBWd Guestbook 1.0 SQL Injection

iBWd Guestbook 1.0 SQL Injection Credit : SpC-x | The-BeKiR Site : http://wWw.SaVSaK.CoM Greetz : | Nukedx | Ejder | Str0ke | joffer Code : http://www.target.com/path/index.php?offset=SQL Example : http://robbie.thru-a-lens.com/guestbook/guestbook/index.php? offset=SQL /SpC-x -- Get your free ema...