MediaTek 芯片缓冲区错误漏洞

MediaTek isp is a variety of chips from MediaTek, a Chinese company MediaTek. A security vulnerability exists in the MediaTek isp that stems from an incorrect boundary check that results in an out-of-bounds write...

MediaTek 芯片缓冲区错误漏洞

MediaTek isp is a variety of chips from MediaTek, a Chinese company MediaTek. A security vulnerability exists in the MediaTek isp, which stems from a lack of boundary checking, leading to out-of-bounds writes...

MediaTek 芯片输入验证错误漏洞

MediaTek Chipsets are a variety of chips from MediaTek, a Chinese company MediaTek. A security vulnerability exists in MediaTek Chipsets that stems from uninitialized data in the isp that may be written out-of-bounds, which could lead to a local privilege escalation that requires system execution...

AMD Processors 安全漏洞

AMD Processors is a processor from Ultraviolet Semiconductor AMD. A security vulnerability exists in AMD Processors. No information about this vulnerability is available at this time, so please stay tuned to CNNVD or the vendor's announcement...

MediaTek 芯片 缓冲区错误漏洞

MediaTek chips are various chips from MediaTek, a Chinese company MediaTek. A buffer error vulnerability exists in the MediaTek gpu drm that stems from improper input validation leading to out-of-bounds writes...

sudo -- Potential out-of-bounds write for small passwords

CVE.org reports: Sudo 1.8.0 through 1.9.12, with the crypt password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that can result in a heap-based buffer over-read. This can be triggered by arbitrary local users with access to sudo by entering a password of seven...

CVE-2022-43995

Sudo 1.8.0 through 1.9.12, with the crypt password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that can result in a heap-based buffer over-read. This can be triggered by arbitrary local users with access to Sudo by entering a password of seven characters or fewer...

hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions

A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions...

Heap overflow

Sudo 1.8.0 through 1.9.12, with the crypt password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that can result in a heap-based buffer over-read. This can be triggered by arbitrary local users with access to Sudo by entering a password of seven characters or fewer...

UBUNTU-CVE-2022-3810

A vulnerability was found in Axiomatic Bento4. It has been classified as problematic. This affects the function AP4File::AP4File of the file Mp42Hevc.cpp of the component mp42hevc. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been...

Tomcat: Information disclosure

The simplified implementation of blocking reads and writes introduced in Tomcat 10 and back-ported to Tomcat 9.0.47 onwards exposed a long standing but extremely hard to trigger concurrency bug in Apache Tomcat 10.1.0 to 10.1.0-M12, 10.0.0-M1 to 10.0.18, 9.0.0-M1 to 9.0.60 and 8.5.0 to 8.5.77 tha...

Tomcat: Information disclosure

The simplified implementation of blocking reads and writes introduced in Tomcat 10 and back-ported to Tomcat 9.0.47 onwards exposed a long standing but extremely hard to trigger concurrency bug in Apache Tomcat 10.1.0 to 10.1.0-M12, 10.0.0-M1 to 10.0.18, 9.0.0-M1 to 9.0.60 and 8.5.0 to 8.5.77 tha...

CVE-2022-43995

Sudo 1.8.0 through 1.9.12, with the crypt password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that can result in a heap-based buffer over-read. This can be triggered by arbitrary local users with access to Sudo by entering a password of seven characters or fewer...

CVE-2022-43995

Sudo 1.8.0 through 1.9.12, with the crypt password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that can result in a heap-based buffer over-read. This can be triggered by arbitrary local users with access to Sudo by entering a password of seven characters or fewer...

Hands-On IoT Hacking: Rapid7 at DEF CON 30 IoT Village, Pt. 3

Welcome back to our blog series on Rapid7's IoT Village exercise from DEF CON 30. In our previous posts, we covered how to achieve access to flash memory and how to extract file system data from the device. In this post, we'll cover how to modify the data we've extracted. Modify extracted file...

expat: Namespace-separator characters in "xmlns[:prefix]" attribute values can lead to arbitrary code execution

A flaw was found in expat. Passing one or more namespace separator characters in the "xmlns:prefix" attribute values made expat send malformed tag names to the XML processor on top of expat. This issue causes arbitrary code execution depending on how unexpected cases are handled inside the XML...

Hands-On IoT Hacking: Rapid7 at DEF CON 30 IoT Village, Pt. 2

Welcome back to our blog series on Rapid7's IoT Village exercise from DEF CON 30. Last week, we covered the basics of the exercise and achieving access to flash memory. In this post, we'll cover how to extract partition data. Extracting partition data The next step in our hands-on IoT hacking...

hw: cpu: Intel: information disclosure via local access

A flaw was found in hw. The unprotected alternative channel of return branch target prediction in some IntelR Processors may allow an authorized user to enable information disclosure via local access...

F5 Networks BIG-IP : Intel Processor vulnerability (K11601010)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K11601010 advisory. - Observable behavioral discrepancy in some IntelR Processors may allow an authorized user to potentially enable...

[SECURITY] Fedora 35 Update: libreoffice-7.2.7.2-2.fc35

LibreOffice is an Open Source, community-developed, office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites...