52 matches found
CVE-2024-44992
In the Linux kernel, the following vulnerability has been resolved: smb/client: avoid possible NULL dereference in cifsfreesubrequest Clang static checker scan-build warning: cifsglob.h:line 890, column 3 Access to field 'ops' results in a dereference of a null pointer. Commit 519be989717c "cifs:...
CVE-2024-44992
CVE-2024-44992 affects the Linux kernel CIFS/SMB client. A NULL dereference could occur in add_credits() when rdata->credits.value != 0 and rdata->server == NULL, due to missing server pointer checks. The fix (commit 519be989717c) adds a guard for rdata->server to prevent dereferencing s...
CVE-2024-36965
A vulnerability was found in the Linux kernel's MediaTek remote processor driver. The Inter-Processor Interrupt IPI buffers were not properly validated to ensure they fit within the L2 Tightly Coupled Memory L2TCM. This issue could lead to buffer overflows or memory corruption. Mitigation...
CVE-2024-36965
In the Linux kernel, the following vulnerability has been resolved: remoteproc: mediatek: Make sure IPI buffer fits in L2TCM The IPI buffer location is read from the firmware that we load to the System Companion Processor, and it's not granted that both the SRAM L2TCM size that is defined in the...
CVE-2024-36965
In the Linux kernel, the following vulnerability has been resolved: remoteproc: mediatek: Make sure IPI buffer fits in L2TCM The IPI buffer location is read from the firmware that we load to the System Companion Processor, and it's not granted that both the SRAM L2TCM size that is defined in the...
CVE-2024-36965 remoteproc: mediatek: Make sure IPI buffer fits in L2TCM
In the Linux kernel, the following vulnerability has been resolved: remoteproc: mediatek: Make sure IPI buffer fits in L2TCM The IPI buffer location is read from the firmware that we load to the System Companion Processor, and it's not granted that both the SRAM L2TCM size that is defined in the...
CVE-2024-36965
Technical details for CVE-2024-36965 are not publicly provided in the supplied documents. Please monitor official advisories and connected feeds for affected products, versions, impact, and fixes.
CVE-2024-36965 remoteproc: mediatek: Make sure IPI buffer fits in L2TCM
In the Linux kernel, the following vulnerability has been resolved: remoteproc: mediatek: Make sure IPI buffer fits in L2TCM The IPI buffer location is read from the firmware that we load to the System Companion Processor, and it's not granted that both the SRAM L2TCM size that is defined in the...
Design/Logic Flaw
In the Linux kernel, the following vulnerability has been resolved: serial: sc16is7xx: convert from raw to noinc regmap functions for FIFO The SC16IS7XX IC supports a burst mode to access the FIFOs where the initial register address is sent $00, followed by all the FIFO data without having to...
CVE-2023-37860
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote unauthenticated attacker can obtain the r/w community string of the SNMPv2 daemon...
Exploit for Untrusted Pointer Dereference in Microsoft
CVE-2023-21768 Local Privilege Escalation POC authors: chomp...
Exploit for Untrusted Pointer Dereference in Microsoft
CVE-2023-21768 Local Privilege Escalation POC authors: chomp...
PYSEC-2022-43067
A flaw was found in ansible-runner where the default temporary files configuration in ansible-2.0.0 are written to world R/W locations. This flaw allows an attacker to pre-create the directory, resulting in reading private information or forcing ansible-runner to write files as the legitimate use...
SUSE: Security Advisory (SUSE-SU-2022:2281-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Google Chrome 78.0.3904.70 - Remote Code Execution Exploit
Exploit Title: Google Chrome 78.0.3904.70 - Remote Code Execution Exploit Author: deadlock Forrest Orr Type: RCE Platform: Windows Website: https://forrest-orr.net Twitter: https://twitter.com/ForrestOrr Vendor Homepage: https://www.google.com/chrome/ Software Link:...
CentOS 8 : virt:rhel (CESA-2020:4059)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:4059 advisory. - QEMU: slirp: networking out-of-bounds read information disclosure vulnerability CVE-2020-10756 - QEMU: usb: out-of-bounds r/w access issue while...
CVE-2020-35517
A flaw was found in qemu. A host privilege escalation issue was found in the virtio-fs shared file system daemon where a privileged guest user is able to create a device special file in the shared directory and use it to r/w access host devices...
CVE-2020-35517
A flaw was found in qemu. A host privilege escalation issue was found in the virtio-fs shared file system daemon where a privileged guest user is able to create a device special file in the shared directory and use it to r/w access host devices...
CVE-2020-35517
A flaw was found in qemu. A host privilege escalation issue was found in the virtio-fs shared file system daemon where a privileged guest user is able to create a device special file in the shared directory and use it to r/w access host devices...
Sony Playstation 4 ValidationMessage::buildBubbleTree() Use-After-Free
const OFFSETELEMENTREFCOUNT = 0x10; const OFFSETJSABVIEWVECTOR = 0x10; const OFFSETJSABVIEWLENGTH = 0x18; const OFFSETLENGTHSTRINGIMPL = 0x04; const OFFSETHTMLELEMENTREFCOUNT = 0x14; const LENGTHARRAYBUFFER = 0x8; const LENGTHSTRINGIMPL = 0x14; const LENGTHJSVIEW = 0x20; const...