90 matches found
The vulnerability of graphics drivers in microprogramming software for Intel processors arises from incorrect neutralization of special elements in the output data used by the input component. This allows attackers to exploit their privileges.
The vulnerability of graphic drivers in microprogramming software for Intel processors is related to incorrect neutralization of special elements in the output data used by the input component. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...
The vulnerability in the set of development libraries for Intel Distribution for GDB relates to incorrect elimination of special elements in output data, allowing an attacker to trigger a service failure.
The vulnerability in the application development library set of Intel Distribution for GDB is related to incorrect elimination of special elements in the output data. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the software tools for accelerated video processing at the hardware level, the Intel Video Processing Library (VPL), stems from incorrect neutralization of certain elements in the output data. This allows attackers to exploit their privileges.
The vulnerability of the software tools for accelerated video processing at the hardware level, the Intel Video Processing Library VPL, is related to incorrect elimination of certain elements in the output data. Exploiting this vulnerability can allow an attacker to enhance their privileges...
The vulnerability of the Portal for ArcGIS web portal involves incorrect elimination of special elements in the output data used by the incoming component. This allows a malicious user to execute arbitrary HTML code.
The vulnerability of the Portal for ArcGIS web portal is related to incorrect neutralization of special elements in the output data used by the incoming component. Exploiting this vulnerability allows a malicious actor to execute arbitrary HTML code remotely...
UBUNTU-CVE-2024-50232
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7124: fix division by zero in ad7124setchannelodr In the ad7124writeraw function, parameter val can potentially be zero. This may lead to a division by zero when DIVROUNDCLOSEST is called within ad7124setchannelodr. T...
The vulnerability of the Microsoft App Installer installer, related to the lack of mechanisms for encoding or shielding output data, allows attackers to perform spoofing attacks.
The vulnerability of the Microsoft App Installer relates to the lack of mechanisms for encoding or shielding output data. Exploiting this vulnerability allows attackers to carry out spear-phishing attacks using a specially created malware package...
The vulnerability of the Atlassian Bamboo continuous integration system lies in the improper elimination of special elements in the output data, allowing attackers to gain access to local server files and execute them.
The vulnerability of the Atlassian Bamboo continuous integration system is related to incorrect elimination of special elements in the output data. Exploiting this vulnerability can allow a malicious actor to gain access to local server files and execute them...
ROS-20240708-02
A vulnerability in the TPMLPCRSELECTION functions of the source repository for Trusted Platform Module tools TPM2.0 is related to improper mapping of PCR slots, providing a misleading TPM state. Exploitation of the vulnerability could allow an attacker acting remotely to manipulate output data...
CVE-2024-3402 Stored XSS vulnerability in gaizhenbiao/chuanhuchatgpt
A stored Cross-Site Scripting XSS vulnerability existed in version 20240121 of gaizhenbiao/chuanhuchatgpt due to inadequate sanitization and validation of model output data. Despite user-input validation efforts, the application fails to properly sanitize or validate the output from the model,...
The vulnerability of the DCH-compatible Thunderbolt driver relates to incorrect elimination of special elements in the output data, allowing attackers to increase their privileges.
The vulnerability of the DCH-compatible Thunderbolt driver is related to incorrect elimination of special elements in the output data. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the DCH-compatible Thunderbolt driver relates to incorrect elimination of special elements in the output data, allowing attackers to increase their privileges.
The vulnerability of the DCH-compatible Thunderbolt driver is related to incorrect elimination of special elements in the output data. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the DCH-compatible Thunderbolt driver, related to incorrect elimination of special elements in the output data, allows a malicious actor to gain unauthorized access to protected information.
The vulnerability of the DCH-compatible Thunderbolt driver is related to incorrect elimination of special elements in the output data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
The vulnerability of the DCH-compatible Thunderbolt driver, related to incorrect elimination of special elements in the output data, allows a malicious actor to gain unauthorized access to protected information.
The vulnerability of the DCH-compatible Thunderbolt driver is related to incorrect elimination of special elements in the output data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
CVE-2024-1602 Stored XSS leading to RCE in parisneo/lollms-webui
parisneo/lollms-webui is vulnerable to stored Cross-Site Scripting XSS that leads to Remote Code Execution RCE. The vulnerability arises due to inadequate sanitization and validation of model output data, allowing an attacker to inject malicious JavaScript code. This code can be executed within t...
CVE-2024-1602
CVE-2024-1602 affects parisneo/lollms-webui, with a stored XSS that leads to Remote Code Execution. Attacker can exploit inadequate sanitization/validation of model output data to inject JavaScript that runs in the user’s browser and can trigger a request to /execute_code to establish a reverse s...
lollms-webui 安全漏洞
LoLLMs is a Web UI for a large language multi-model system by the individual developer Saifeddine ALOUI. A security vulnerability exists in lollms-webui that stems from inadequate cleaning and validation of model output data...
The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird arises from incorrect elimination of special elements in the output data used by the incoming components. This allows an attacker to execute arbitrary code.
The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to incorrect elimination of special elements in the output data used by the incoming component. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of Rockwell Automation’s programmable logic controllers ControlLogix, related to the execution of operations outside the buffer boundaries in memory, allows a hacker to trigger a malfunction during maintenance.
The vulnerability of Rockwell Automation’s programmable logic controllers ControlLogix lies in the fact that the output data may escape from memory into the operating system. Exploiting this vulnerability could allow a malicious actor to cause malfunctions during operation...
The vulnerability of the macOS iTerm2 terminal emulator relates to a lack of mechanisms for encoding or blocking output data, allowing a hacker to execute arbitrary code.
The vulnerability of the terminal emulator for the macOS operating system, iTerm2, is related to a lack of mechanisms for encoding or blocking output data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of SSH-dissection analyzers in Wireshark allows a hacker to cause a service failure.
The vulnerability of SSH-dissection analyzers in Wireshark relates to insufficient cleaning of special elements in the output data used by the incoming component. Exploiting this vulnerability allows a malicious actor to cause service failures by sending specially created packets...