3095 matches found
Memory corruption
Memory corruption in MODEM UIM due to usage of out of range pointer offset while decoding command from card in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...
kernel: KVM: cmpxchg_gpte can write to pfns outside the userspace region
A flaw was found in KVM. When updating a guest's page table entry, vmpgoff was improperly used as the offset to get the page's pfn. As vaddr and vmpgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region and...
kernel: KVM: cmpxchg_gpte can write to pfns outside the userspace region
A flaw was found in KVM. When updating a guest's page table entry, vmpgoff was improperly used as the offset to get the page's pfn. As vaddr and vmpgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region and...
PT-2022-17461 · Qualcomm · Qualcomm Snapdragon
Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon affected versions not specified Description: The issue is related to memory corruption in the MODEM UIM due to the usage of an out of range pointer offset while decoding a command from a card. This affects various Qualcomm...
VulnCheck KEV: CVE-2022-26522
Avast Anti Rootkit kernel driver user controlled length in aswArPot+0xc4a3...
OESA-2022-2120 freerdp security update
FreeRDP is a client implementation of the Remote Desktop Protocol RDP that follows Microsoft's open specifications. This package provides the client applications xfreerdp and wlfreerdp. Security Fixes: FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are...
kernel: KVM: cmpxchg_gpte can write to pfns outside the userspace region
A flaw was found in KVM. When updating a guest's page table entry, vmpgoff was improperly used as the offset to get the page's pfn. As vaddr and vmpgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region and...
kernel: KVM: cmpxchg_gpte can write to pfns outside the userspace region
A flaw was found in KVM. When updating a guest's page table entry, vmpgoff was improperly used as the offset to get the page's pfn. As vaddr and vmpgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region and...
CVE-2022-39317
An out-of-bounds read vulnerability was discovered in FreeRDP due to missing a range check for input offset index in the ZGFX decoder. A malicious server can trick a FreeRDP based client to read out-of-bound data and try to decode it, resulting in a crash...
UBUNTU-CVE-2022-39317
FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing a range check for input offset index in ZGFX decoder. A malicious server can trick a FreeRDP based client to read out of bound data and try to decode it. This issue has been addressed in versio...
CVE-2022-39317
FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing a range check for input offset index in ZGFX decoder. A malicious server can trick a FreeRDP based client to read out of bound data and try to decode it. This issue has been addressed in versio...
CVE-2022-39317 Out of bounds read in zgfx decoder in FreeRDP
FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing a range check for input offset index in ZGFX decoder. A malicious server can trick a FreeRDP based client to read out of bound data and try to decode it. This issue has been addressed in versio...
kernel: net: preserve skb_end_offset() in skb_unclone_keeptruesize()
In the Linux kernel, the following vulnerability has been resolved: net: preserve skbendoffset in skbunclonekeeptruesize syzbot found another way to trigger the infamous WARNONONCEdelta truesize value, we also need to make sure TCP wont fill new tailroom that pskbexpandhead was able to get from a...
CVE-2022-40405
WoWonder Social Network Platform v4.1.2 was discovered to contain a SQL injection vulnerability via the offset parameter at requests.php?f=load-my-blogs...
Sql injection
WoWonder Social Network Platform v4.1.2 was discovered to contain a SQL injection vulnerability via the offset parameter at requests.php?f=load-my-blogs...
Sql injection
WoWonder Social Network Platform 4.1.4 was discovered to contain a SQL injection vulnerability via the offset parameter at requests.php?f=search&s=recipients...
CVE-2022-42984
WoWonder Social Network Platform 4.1.4 was discovered to contain a SQL injection vulnerability via the offset parameter at requests.php?f=search&s=recipients...
WoWonder Social Network Platform SQL注入漏洞
WoWonder Social Network Platform is a PHP social networking script by WoWonder. It is used to create your own social networking website. A security vulnerability exists in WoWonder Social Network Platform version v4.1.2, which stems from an attacker being able to implement SQL injection via the...
CVE-2022-40405
WoWonder Social Network Platform v4.1.2 was discovered to contain a SQL injection vulnerability via the offset parameter at requests.php?f=load-my-blogs...
WoWonder Social Network Platform SQL注入漏洞
WoWonder Social Network Platform is a PHP social networking script by WoWonder. It is used to create your own social networking website. A security vulnerability exists in WoWonder Social Network Platform version 4.1.4, which stems from an attacker being able to implement SQL injection via the...