CVE-2025-40172 accel/qaic: Treat remaining == 0 as error in find_and_map_user_pages()

In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Treat remaining == 0 as error in findandmapuserpages Currently, if findandmapuserpages takes a DMA xfer request from the user with a length field set to 0, or in a rare case, the host receives QAICTRANSDMAXFERCONT fro...

CVE-2024-35951

In the Linux kernel, the following vulnerability has been resolved: drm/panfrost: Fix the error path in panfrostmmumapfaultaddr Subject: PATCH drm/panfrost: Fix the error path in panfrostmmumapfaultaddr If some the pages or sgt allocation failed, we shouldn't release the pages ref we got earlier,...

CVE-2024-35951 drm/panfrost: Fix the error path in panfrost_mmu_map_fault_addr()

In the Linux kernel, the following vulnerability has been resolved: drm/panfrost: Fix the error path in panfrostmmumapfaultaddr Subject: PATCH drm/panfrost: Fix the error path in panfrostmmumapfaultaddr If some the pages or sgt allocation failed, we shouldn't release the pages ref we got earlier,...

Buffer Overflow

sgt-puzzles is vulnerable to Buffer Overflow. The vulnerability allows a malicious attacker to craft a save file to cause interger overflow or buffer overflow within the system...

Buffer Overflow

sgt-puzzles is vulnerable to Buffer Overflows. The vulnerability allows a malicious attacker to craft a save file to cause interger overflow or buffer overflow within the system...

Buffer Overflow

sgt-puzzles is vulnerable to Buffer Overflows. The vulnerability allows a malicious attacker to craft a save file to cause interger overflow or buffer overflow within the system...

Buffer Overflow

sgt-puzzles is vulnerable to Buffer Overflows. The vulnerability allows a malicious attacker to craft a save file to cause interger overflow or buffer overflow within the system...

Malicious Package

Overview sgt-build-process is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package...

Malicious Package

Overview sgt-wp-js-log is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...

sgt-korea.com Cross Site Scripting vulnerability OBB-2621426

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Siemens Energy AGT and SGT Solutions

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SGT Vulnerability: Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of this vulnerability could lead to remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED...

Prototype Pollution in rodrigocmoreira/sgt-fields

Description sgt-fields is vulnerable to Prototype Pollution. Proof of Concept 1. Create the following PoC file: // poc.js var sgtFields = require"sgt-fields" var obj = console.log"Before : " + .polluted; sgtFields.setobj,"proto.polluted","Yes! Its Polluted"; console.log"After : " + .polluted; 2...

CVE-2018-15395

A vulnerability in the authentication and authorization checking mechanisms of Cisco Wireless LAN Controller WLC Software could allow an authenticated, adjacent attacker to gain network access to a Cisco TrustSec domain. Under normal circumstances, this access should be prohibited. The...

Authentication flaw

A vulnerability in the authentication and authorization checking mechanisms of Cisco Wireless LAN Controller WLC Software could allow an authenticated, adjacent attacker to gain network access to a Cisco TrustSec domain. Under normal circumstances, this access should be prohibited. The...

CVE-2018-15395

Cisco Wireless LAN Controller Software Privilege Escalation Vulnerability (CVE-2018-15395) allows an authenticated, adjacent attacker to abuse dynamic Security Group Tag (SGT) assignment during roaming between SSIDs within a Cisco TrustSec domain, potentially gaining unauthorized privileged netwo...

Fedora 20 : php-5.5.22-1.fc20 (2015-2328)

19 Feb 2015, PHP 5.5.22 Core : - Fixed bug 67068 getClosure returns somethings that's not a closure. Danack at basereality dot com - Fixed bug 68925 Mitigation for CVE-2015-0235 ' GHOST: glibc gethostbyname buffer overflow. Stas - Fixed bug 68942 Use after free vulnerability in unserialize with...