kernel: out-of-bound read in memcpy_fromiovecend()

A flaw was found in the Linux kernel that allows the userspace to call memcpyfromiovecend and similar functions with a zero offset and buffer length. This can cause a read beyond the buffer boundaries flaw and, in certain cases, cause a memory access fault and a system halt by accessing invalid...

CVE-2021-27562

In Arm Trusted Firmware M through 1.2, the NS world may trigger a system halt, an overwrite of secure data, or the printing out of secure data when calling secure functions under the NSPE handler mode...

CVE-2018-12005

An unprivileged user can issue a binder call and cause a system halt in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU,...

CVE-2017-18658

An issue was discovered on Samsung mobile devices with M6.0 software. The multiwindowfacade API allows attackers to cause a NullPointerException and system halt via an attempted screen touch of a non-existing display. The Samsung ID is SVE-2017-9383 August 2017...

EUVD-2018-3997

Malware in sbrugna...

EUVD-2001-1254

Malware in sbrugna...

EUVD-2017-9749

Malware in sbrugna...

EUVD-2000-0629

Malware in sbrugna...

EUVD-2008-4202

Malware in sbrugna...

CVE-2024-5198

OpenVPN ovpn-dco for Windows version 1.1.1 allows an unprivileged local attacker to send I/O control messages with invalid data to the driver resulting in a NULL pointer dereference leading to a system halt...

CVE-2024-5198

OpenVPN ovpn-dco for Windows version 1.1.1 allows an unprivileged local attacker to send I/O control messages with invalid data to the driver resulting in a NULL pointer dereference leading to a system halt...

CVE-2024-5198

OpenVPN ovpn-dco for Windows version 1.1.1 allows an unprivileged local attacker to send I/O control messages with invalid data to the driver resulting in a NULL pointer dereference leading to a system halt...

CVE-2024-5198

OpenVPN ovpn-dco for Windows version 1.1.1 allows an unprivileged local attacker to send I/O control messages with invalid data to the driver resulting in a NULL pointer dereference leading to a system halt...

CVE-2024-5198

OpenVPN ovpn-dco for Windows version 1.1.1 allows an unprivileged local attacker to send I/O control messages with invalid data to the driver resulting in a NULL pointer dereference leading to a system halt...

CVE-2024-5198

Summary (CVE-2024-5198): OpenVPN ovpn-dco for Windows 1.1.1 is affected. An unprivileged local attacker can send invalid I/O control data to the driver, causing a NULL pointer dereference and a system halt. The vulnerability is triggered via I/O control messages to the OpenVPN DCO Windows driver....

CVE-2024-50017 x86/mm/ident_map: Use gbpages only where full GB page should be mapped.

In the Linux kernel, the following vulnerability has been resolved: x86/mm/identmap: Use gbpages only where full GB page should be mapped. When identpudinit uses only GB pages to create identity maps, large ranges of addresses not actually requested can be included in the resulting table; a 4K...

CVE-2023-38999

A Cross-Site Request Forgery CSRF in the System Halt API /system/halt of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to cause a Denial of Service DoS via a crafted GET request...

CVE-2023-38999

A Cross-Site Request Forgery CSRF in the System Halt API /system/halt of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to cause a Denial of Service DoS via a crafted GET request...

CVE-2023-38999

A Cross-Site Request Forgery CSRF in the System Halt API /system/halt of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to cause a Denial of Service DoS via a crafted GET request...

Cross site request forgery (csrf)

A Cross-Site Request Forgery CSRF in the System Halt API /system/halt of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to cause a Denial of Service DoS via a crafted GET request...