14 matches found
PT-2026-37619
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Add sanity check for OOB writes at silencing At silencing the playback URB packets in the implicit fb mode before the actual playback, we blindly assume that the received packets fit with the buffer size. But whe...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from mishandling of the m920xi2cxfer error in media: dvb-usb: m920x, which could lead to a memory leak...
Linux Distros Unpatched Vulnerability : CVE-2023-52742
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: USB: Fix wrong-direction WARNING in plusb.c The syzbot fuzzer detected a bug in the plusb network driver: A zero-length control-OUT transfer was treated as...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an incorrect size of the completion result of the management command in virtio-pci, which could lead to...
CVE-2025-23149 tpm: do not start chip while suspended
In the Linux kernel, the following vulnerability has been resolved: tpm: do not start chip while suspended Checking TPMCHIPFLAGSUSPENDED after the call to tpmfindgetops can lead to a spurious tpmchipstart call: 35985.503771 i2c i2c-1: Transfer while suspended 35985.503796 WARNING: CPU: 0 PID: 74 ...
DEBIAN-CVE-2022-48836
In the Linux kernel, the following vulnerability has been resolved: Input: aiptek - properly check endpoint type Syzbot reported warning in usbsubmiturb which is caused by wrong endpoint type. There was a check for the number of endpoints, but not for the type of endpoint. Fix it by replacing old...
Funds are locked if can’t transfer reward to recipient in withdraw
Lines of code Vulnerability details Impact When recipient not able to received reward when call withdraw, as natspec: If contract is using proxy pattern, it's possible to register retroactively, however past fees will be lost. We not handle that case to get locked funds back. We should add...
CVE-2022-30236
A CWE-669: Incorrect Resource Transfer Between Spheres vulnerability exists that could allow unauthorized access when an attacker uses cross-domain attacks. Affected Products: Wiser Smart, EER21000 & EER21001 V4.5 and prior...
Exploit for Incorrect Resource Transfer Between Spheres in Microsoft
PrintDemon CVE-2020-1048 PrintDemon is a PoC f...
CVE-2020-6835
An issue was discovered in Bftpd before 5.4. There is a heap-based off-by-one error during file-transfer error checking...
CVE-2020-6835
An issue was discovered in Bftpd before 5.4. There is a heap-based off-by-one error during file-transfer error checking...
February 22, 2018—KB4075212 (Preview of Monthly Rollup)
February 22, 2018—KB4075212 Preview of Monthly Rollup Improvements and fixes This non-security update includes improvements and fixes that were a part of KB4074594 released February 13, 2018 and also includes these new quality improvements as a preview of the next Monthly Rollup update: Addresses...
February 22, 2018—KB4077528 (OS Build 15063.936)
February 22, 2018—KB4077528 OS Build 15063.936 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addresses issue where an application cannot read or write attributes of windows that belong t...
VulnCheck KEV: CVE-2011-4130
Use-after-free vulnerability in the Response API in ProFTPD before 1.3.3g allows remote authenticated users to execute arbitrary code via vectors involving an error that occurs after an FTP data transfer...