16 matches found
EUVD-2023-37256
Malicious code in bioql PyPI...
Memory corruption
Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap points...
CVE-2023-33067
Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap points...
CVE-2023-33067 Use of Out-of-range Pointer Offset in Audio
Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap points...
CVE-2023-33067 Use of Out-of-range Pointer Offset in Audio
Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap points...
CVE-2023-33067
CVE-2023-33067 involves memory corruption in Qualcomm Audio when the START command is issued repeatedly on host voice PCM for the same RX/TX tap points. The description and connected sources consistently indicate a vulnerability in the audio path, with affected component appearing to be Qualcomm’...
Qualcomm Chipsets Security Vulnerability
Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from memory corruption in audio when the START command on the host voice PCM is called multiple times for the same RX or TX tap point...
Authenticated (user role) arbitrary command execution by modifying `start_cmd` setting (GHSL-2023-268)
Summary Nginx-UI is a web interface to manage Nginx configurations. It is vulnerable to arbitrary command execution by abusing the configuration settings. Details The Home Preference page exposes a list of system settings such as Run Mode, Jwt Secret, Node Secret and Terminal Start Command. The...
GHSA-8R25-68WM-JW35 Authenticated (user role) arbitrary command execution by modifying `start_cmd` setting (GHSL-2023-268)
Summary Nginx-UI is a web interface to manage Nginx configurations. It is vulnerable to arbitrary command execution by abusing the configuration settings. Details The Home Preference page exposes a list of system settings such as Run Mode, Jwt Secret, Node Secret and Terminal Start Command. The...
Nginx UI Command Injection Vulnerability
Nginx UI is a WebUI for Nginx by Jacky Personal Developer. A command injection vulnerability exists in Nginx UI versions prior to 2.0.0.beta.9, which can be exploited by an attacker to execute arbitrary commands by modifying the startcmd setting...
Qualcomm Chipsets Security Vulnerability
Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that results from a denial of service when processing a WMI P2P listen start command 0xD00A sent from a host...
PT-2024-12412 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to a Transient Denial of Service DOS that occurs while processing a WMI P2P listen start command 0xD00A sent from a host. Recommendations: At the moment, there is no...
PT-2023-8394 · Nginx-Ui · Nginx-Ui
Name of the Vulnerable Software and Affected Versions: Nginx-UI versions prior to 2.0.0.beta.9 Description: The issue concerns arbitrary command execution by abusing configuration settings in Nginx-UI, a web interface for managing Nginx configurations. The Home Preference page exposes system...
Adobe Magento App 安全漏洞
Adobe Magento is the United States of America Odobie Adobe company's set of open source PHP e-commerce system . The system provides features such as rights management, search engine and payment gateway. A security vulnerability exists in Create Magento App that stems from the lack of implementati...
Buffer overflow
Lack of check on out of range of bssid parameter When processing scan start command will lead to buffer flow in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8996AU, QCA4531, QCA6174A, QCA6564, QCA6574, QCA6574AU,...
SA permissions are nine kinds of upload methods-vulnerability warning-the black bar safety net
SA rights is very large,but may be some friends feel inconvenient to use,the next and everyone together to discuss several Upload File method,if there's another way,I hope you made,the technology,the more the defense plays, the more bright the higher. First, NBSI command method:write the word woo...