102 matches found
CVE-2019-12720
AUO SunVeillance Monitoring System before v1.1.9e is vulnerable to mvcsendmail.aspx MailAdd parameter SQL Injection. An Attacker can carry a SQL Injection payload to the server, allowing the attacker to read privileged data. This also affects the picturemanagemvc.aspx plantno parameter, the...
OESA-2025-1345 arm-trusted-firmware security update
Trusted Firmware-A is a reference implementation of secure world software for Arm A-Profile architectures Armv8-A and Armv7-A, including an Exception Level 3 EL3 Secure Monitor. Security Fixes: An unprivileged context can trigger a data memory-dependent prefetch engine to fetch the contents of a...
OESA-2025-1343 arm-trusted-firmware security update
Trusted Firmware-A is a reference implementation of secure world software for Arm A-Profile architectures Armv8-A and Armv7-A, including an Exception Level 3 EL3 Secure Monitor. Security Fixes: An unprivileged context can trigger a data memory-dependent prefetch engine to fetch the contents of a...
OESA-2025-1342 arm-trusted-firmware security update
Trusted Firmware-A is a reference implementation of secure world software for Arm A-Profile architectures Armv8-A and Armv7-A, including an Exception Level 3 EL3 Secure Monitor. Security Fixes: An unprivileged context can trigger a data memory-dependent prefetch engine to fetch the contents of a...
CVE-2024-23769
Improper privilege control for the named pipe in Samsung Magician PC Software 8.0.0 for Windows allows a local attacker to read privileged data...
UBUNTU-CVE-2024-7881
An unprivileged context can trigger a data memory-dependent prefetch engine to fetch the contents of a privileged location and consume those contents as an address that is also dereferenced...
ARM CPU 安全漏洞
ARM CPUs are a family of central processors from the British company ARM. The ARM CPUs suffer from a security vulnerability that stems from the fact that an unprivileged context can trigger a data memory-related prefetch engine to fetch the contents of a privileged location and use those contents...
PT-2025-3695
Name of the Vulnerable Software and Affected Versions arm64 CPU affected versions not specified Description The issue allows an unprivileged context to trigger a data memory-dependent prefetch engine to fetch the contents of a privileged location and consume those contents as an address that is...
Owncast 安全漏洞
Owncast is an open source, self-hosted, decentralized, single-user real-time video streaming and chat server. A security vulnerability exists in Owncast 0.1.2 and earlier versions, which stems from a loose CORS policy that allows an attacker to make cross-origin requests to read privileged...
CVE-2022-23091 Memory disclosure by stale virtual memory mapping
A particular case of memory sharing is mishandled in the virtual memory system. This is very similar to SA-21:08.vm, but with a different root cause. An unprivileged local user process can maintain a mapping of a page after it is freed, allowing that process to read private data belonging to othe...
CVE-2024-23769
Improper privilege control for the named pipe in Samsung Magician PC Software 8.0.0 for Windows allows a local attacker to read privileged data...
Input validation
Improper privilege control for the named pipe in Samsung Magician PC Software 8.0.0 for Windows allows a local attacker to read privileged data...
Samsung Magician PC Software Security Vulnerability
SAMSUNG Magician PC Software is an application from Samsung South Korea. It is designed to help manage Samsung SSDs. A security vulnerability exists in Samsung Magician PC Software version 8.0.0, which stems from improper privilege control over named pipes. An attacker exploiting the vulnerabilit...
CVE-2024-23769
Improper privilege control for the named pipe in Samsung Magician PC Software 8.0.0 for Windows allows a local attacker to read privileged data...
IBM Sterling Secure Proxy Security Vulnerability
IBM Sterling Secure Proxy is an International Business Machines IBM application agent used to ensure the secure transfer of files in an organization's unprotected zone DMZ. A security vulnerability exists in IBM Sterling Secure Proxy versions 6.0.3 and 6.1.0, which stems from an inadequate memory...
PT-2023-22227 · Ibm · Ibm Sterling Secure Proxy
Name of the Vulnerable Software and Affected Versions: IBM Sterling Secure Proxy versions 6.0.3 through 6.1.0 Description: The issue allows a local user with specific information about the system to obtain privileged information due to inadequate memory clearing during operations. Recommendations...
CVE-2023-26458
An information disclosure vulnerability exists in SAP Landscape Management - version 3.0, enterprise edition. It allows an authenticated SAP Landscape Management user to obtain privileged access to other systems making those other systems vulnerable to information disclosure and modification.The...
CVE-2023-20131
Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager EPNM could allow a remote attacker to obtain privileged information and conduct cross-site scripting XSS and cross-site request forgery CSRF attacks. For mor...
CVE-2023-20127
Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager EPNM could allow a remote attacker to obtain privileged information and conduct cross-site scripting XSS and cross-site request forgery CSRF attacks. For mor...
SUSE CVE-2019-9802
If a Sandbox content process is compromised, it can initiate an FTP download which will then use a child process to render the downloaded data. The downloaded data can then be passed to the Chrome process with an arbitrary file length supplied by an attacker, bypassing sandbox protections and all...