2515 matches found

RedhatCVE
added 2025/05/22 3:34 p.m., 9 views

CVE-2020-11179

Arbitrary read and write to kernel addresses by temporarily overwriting ring buffer pointer and creating a race condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...

7 CVSS, 7.2 AI score, 0.00316 EPSS
Exploits 0, References 1
RedhatCVE
added 2025/05/22 3:21 p.m., 5 views

CVE-2020-25257

An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It allows XXE attacks for read/write access to arbitrary files...

9.8 CVSS, 7.1 AI score, 0.01212 EPSS
Exploits 0
RedhatCVE
added 2025/05/22 7:8 a.m., 8 views

CVE-2018-20090

An issue was discovered in Cloudera Data Science Workbench (CDSW) 1.4.0 through 1.4.2. Authenticated users can bypass project permission checks and gain read-write access to any project folder...

8.3 CVSS, 7.1 AI score, 0.00832 EPSS
Exploits 0, References 1
RedhatCVE
added 2025/05/22 4:23 a.m., 9 views

CVE-2019-13689

Inappropriate implementation in OS in Google Chrome on ChromeOS prior to 75.0.3770.80 allowed a remote attacker to perform arbitrary read/write via a malicious file. Chromium security severity: Critical...

7.8 CVSS, 6.5 AI score, 0.00288 EPSS
Exploits 1, References 1
OSV
added 2025/05/21 5:15 p.m., 3 views

CVE-2025-20242

A vulnerability in the Cloud Connect component of Cisco Unified Contact Center Enterprise (CCE) could allow an unauthenticated, remote attacker to read and modify data on an affected device. This vulnerability is due to a lack of proper authentication controls. An attacker could exploit this...

9.1 CVSS, 5.8 AI score, 0.02251 EPSS
Exploits 0, References 1
RedHat Linux
added 2025/05/21 5:15 a.m., 5 views

kernel: vsock: Keep the binding until socket destruction

A flaw was found in the Linux kernel's virtual socket protocol network driver, where an improperly timed socket unbinding could result in a use-after-free issue. This flaw allows an attacker who can create and destroy arbitrary connections on virtual connections to read or modify system memory,...

7.8 CVSS, 7.3 AI score, 0.00824 EPSS
Exploits 3, References 5
CNNVD
added 2025/05/21 12:0 a.m., 3 views

itech iLabClient security vulnerability

itech iLabClient is a powerful sender-side lab data receiving software from itech. A security vulnerability exists in itech iLabClient version 3.7.1, which stems from the use of the hard-coded key YngAYdgAE/kKZYu2F2wm6w== to allow local users to read and write to the database...

7.7 CVSS, 6.4 AI score, 0.00138 EPSS
Exploits 0, References 2
RedHat Linux
added 2025/05/19 6:19 a.m., 6 views

kernel: vsock: Keep the binding until socket destruction

A flaw was found in the Linux kernel's virtual socket protocol network driver, where an improperly timed socket unbinding could result in a use-after-free issue. This flaw allows an attacker who can create and destroy arbitrary connections on virtual connections to read or modify system memory,...

7.8 CVSS, 7.3 AI score, 0.00824 EPSS
Exploits 3, References 5
Debian CVE
added 2025/05/17 9:7 p.m., 14 views

CVE-2025-4920

Removed by vendor...

6.7 AI score
Exploits 0
RedHat Linux
added 2025/05/15 1:20 p.m., 5 views

kernel: vsock: Keep the binding until socket destruction

A flaw was found in the Linux kernel's virtual socket protocol network driver, where an improperly timed socket unbinding could result in a use-after-free issue. This flaw allows an attacker who can create and destroy arbitrary connections on virtual connections to read or modify system memory,...

7.8 CVSS, 7.3 AI score, 0.00824 EPSS
Exploits 3, References 5
OSV
added 2025/05/09 7:16 a.m., 12 views

AZL-70153 CVE-2025-37879 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: 9p/net: fix improper handling of bogus negative read/write replies In p9_client_write and p9_client_read_once, if the server incorrectly replies with success but a negative write/read count then we would consider written negative 3...

7.1 CVSS, 6.5 AI score, 0.00231 EPSS
Exploits 0, References 1
CVE
added 2025/05/09 6:45 a.m., 118 views

CVE-2025-37879

CVE-2025-37879 affects the Linux kernel 9p/net subsystem (p9_client_write/p9_client_read_once). The root cause is signed negative counts being treated as valid due to signed arithmetic; the fix converts relevant counters to unsigned. This vulnerability can lead to improper handling of bogus negat...

7.1 CVSS, 6.5 AI score, 0.00231 EPSS
Exploits 0, References 6, Affected Software 1
Cvelist
added 2025/05/09 6:45 a.m., 15 views

CVE-2025-37879 9p/net: fix improper handling of bogus negative read/write replies

In the Linux kernel, the following vulnerability has been resolved: 9p/net: fix improper handling of bogus negative read/write replies In p9_client_write and p9_client_read_once, if the server incorrectly replies with success but a negative write/read count then we would consider written negative 3...

0.00231 EPSS
Exploits 0, References 5
CVE
added 2025/05/06 7:4 a.m., 57 views

CVE-2025-46585

CVE-2025-46585 describes an out-of-bounds read/write vulnerability in Huawei HarmonyOS kernel module. The root cause is failure to properly check array boundaries when processing certain data. Reported impact is availability disruption upon successful exploitation. Several connected sources (NVD/...

7.5 CVSS, 7.4 AI score, 0.00089 EPSS
Exploits 0, References 1, Affected Software 1
Tenable Nessus
added 2025/05/06 12:0 a.m., 13 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-21687)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21687 advisory. - In the Linux kernel, the following vulnerability has been resolved: vfio/platform: check the bounds of...

7.8 CVSS, 6 AI score, 0.00221 EPSS
Exploits 0, References 2
CNNVD
added 2025/05/06 12:0 a.m., 5 views

Huawei HarmonyOS security vulnerability

Huawei HarmonyOS is an operating system from the Chinese company Huawei. Huawei HarmonyOS suffers from an out-of-bounds read/write vulnerability. The vulnerability stems from the kernel module failing to properly check array boundaries when processing certain data. An attacker can exploit this...

7.5 CVSS, 6.6 AI score, 0.00089 EPSS
Exploits 0, References 1
OSV
added 2025/05/01 3:16 p.m., 2 views

DEBIAN-CVE-2022-49850

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix deadlock in nilfs_count_free_blocks A semaphore deadlock can occur if nilfs_get_block detects metadata corruption while locating data blocks and a superblock writeback occurs at the same time: task 1 task 2 ------ ------ A...

5.5 CVSS, 5.7 AI score, 0.00135 EPSS
Exploits 0, References 1
NVD
added 2025/05/01 3:16 p.m., 7 views

CVE-2022-49834

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix use-after-free bug of ns_writer on remount If a nilfs2 filesystem is downgraded to read-only due to metadata corruption on disk and is remounted read/write, or if emergency read-only remount is performed, detaching a l...

7.8 CVSS, 0.00183 EPSS
Exploits 0, References 8
OSV
added 2025/05/01 1:15 p.m., 4 views

UBUNTU-CVE-2025-23158

In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi: add check to handle incorrect queue size qsize represents size of shared queued between driver and video firmware. Firmware can modify this value to an invalid large value. In such situation, empty_space will be...

7.8 CVSS, 6.2 AI score, 0.00177 EPSS
Exploits 0, References 41
IBM Security Bulletins
added 2025/04/29 2:37 a.m., 24 views

Security Bulletin: Red Hat OpenShift on IBM Cloud is affected by a cri-o security vulnerability (CVE-2024-5154)

Summary: Red Hat OpenShift on IBM Cloud is affected by a security vulnerability found in the cri-o component which could allow an attacker to send a specially crafted URL request containing "dot dot" sequences (/../) to read and write arbitrary files on the system. Vulnerability Details: CVEID:...

8.1 CVSS, 8.1 AI score, 0.01237 EPSS
Exploits 0, Affected Software 1