Corel Parallels Desktop 安全漏洞

Corel Parallels Desktop is a suite of virtual machine software for the macOS platform from Corel Canada. A security vulnerability exists in Corel Parallels Desktop version 17.1.1 51537, which stems from a vulnerability that allows a local attacker to disclose sensitive information on an affected...

Buffer Overflow

vim is vulnerable to buffer overflow. The vulnerability exists due to a lack of validation of the pointer accessing the Heap which allows an attacker to cause an application crash...

CVE-2022-22638

A null pointer dereference was addressed with improved validation. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, Security Update 2022-003 Catalina, watchOS 8.5, macOS Monterey 12.3. An attacker in a privileged position may be able to perform a denial of service...

CVE-2021-44421

The pointer-validation logic in util/memutil.rs in Occlum before 0.26.0 for Intel SGX acts as a confused deputy that allows a local attacker to access unauthorized information via side-channel analysis...

Null pointer dereference

The pointer-validation logic in util/memutil.rs in Occlum before 0.26.0 for Intel SGX acts as a confused deputy that allows a local attacker to access unauthorized information via side-channel analysis...

CVE-2021-44421

CVE-2021-44421 affects Occlum prior to 0.26.0 for Intel SGX. The pointer-validation logic in util/mem_util.rs acts as a confused deputy, allowing a local attacker to access unauthorized information via side-channel analysis. A fix is available in Occlum 0.26.0 and later; upgrade to mitigate.

CVE-2021-44421

The pointer-validation logic in util/memutil.rs in Occlum before 0.26.0 for Intel SGX acts as a confused deputy that allows a local attacker to access unauthorized information via side-channel analysis...

Null pointer dereference

Possible null pointer dereference due to lack of WDOG structure validation during registration in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile...

CVE-2021-45971

An issue was discovered in SdHostDriver in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. A vulnerability exists in the SMM System Management Mode branch that registers a SWSMI handler that does not...

CVE-2021-45969

An issue was discovered in AhciBusDxe in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. A vulnerability exists in the SMM System Management Mode branch that registers a SWSMI handler that does not...

CVE-2021-45970

An issue was discovered in IdeBusDxe in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 before 05.26.25, 5.3 before 05.35.25, 5.4 before 05.43.25, and 5.5 before 05.51.25. A vulnerability exists in the SMM System Management Mode branch that registers a SWSMI handler that does not sufficient...

CVE-2021-45971

CVE-2021-45971 affects InsydeH2O’s SdHostDriver in the SMM path. A SWSMI handler registers without adequately validating the CommBufferData buffer, enabling potential SMM memory corruption and, per sources, possible code execution within SMM. Affected kernels: 5.1 before 05.16.25, 5.2 before 05.2...

Null pointer dereference

A null pointer dereference was addressed with improved validation. This issue is fixed in macOS High Sierra 10.13, iCloud for Windows 7.0, watchOS 4, iOS 11, iTunes 12.7 for Windows. Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution...

CVE-2020-12963

An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows may allow unprivileged users to compromise the system...

Input validation

An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows may allow unprivileged users to compromise the system...

CVE-2020-12963

An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows may allow unprivileged users to compromise the system...

CVE-2021-33626

A vulnerability exists in SMM System Management Mode branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer pointerQWORD values for CommBuffer. This can be used by an attacker to corrupt data in SMRAM memory and even lead to arbitrary code executio...

Qualcomm 芯片 代码问题漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuits mainly semiconductor devices, but also passive components, etc., and from time to time are manufactured on the surface of semiconductor wafers. A code issue vulnerability exists in Qualcomm chips that stems fr...

CVE-2021-1954

The CVE-2021-1954 issue is a buffer over-read in Qualcomm’s Snapdragon family (parsing FILS indication IE) caused by improper validation of the data pointer. Affects Qualcomm/ Snapdragon components; CVSS v3.1 indicates high severity (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) with network lead and high...

Qualcomm 芯片缓冲区错误漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way of miniaturizing circuits including primarily semiconductor devices, but also passive components, etc., and from time to time fabricated on the surface of semiconductor wafers. A buffer error vulnerability exists in several qualcomm...