Out-of-bounds read/write in `Index` and `IndexMut` implementations

The Index and IndexMut implementations for Caja use unchecked pointer arithmetic without bounds validation. Creating a Caja with a small key and then accessing an out-of-range index causes out-of-bounds reads or writes beyond the allocated memory. This can be triggered through safe public APIs —...

CVE-2021-22712

A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System IGSS Definition Def.exe V15.0.0.21041 and prior, which could result in arbitrary read or write conditions when malicious CGF Configuration Group File file i...

EUVD-2021-26887

Malware in sbrugna...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unchecked srv-listener null pointer, which could result in the null pointer being dereferenced...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an unchecked sactl pointer that could lead to null pointer dereferencing...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an unchecked NULL pointer, which could result in a null pointer dereference...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an unchecked NULL bdev pointer, which could result in a null pointer dereference...

Linux Distros Unpatched Vulnerability : CVE-2021-3578

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in mbsync before v1.3.6 and v1.4.2, where an unchecked pointer cast allows a malicious or compromised server to write an arbitrary integer valu...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unchecked null pointer resulting in a null pointer dereference...

ghostscript: Arbitrary Code Execution in Artifex Ghostscript Pattern Color Space

A flaw was found in Artifex Ghostscript's psi/zcolor.c component. This vulnerability allows arbitrary code execution via an unchecked implementation pointer in the Pattern color space...

ghostscript: Arbitrary Code Execution in Artifex Ghostscript Pattern Color Space

A flaw was found in Artifex Ghostscript's psi/zcolor.c component. This vulnerability allows arbitrary code execution via an unchecked implementation pointer in the Pattern color space...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an unchecked DMA pointer that could lead to a null pointer dereference...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from an unchecked return of null pointer by devmkasprintf in the gpio:grgpio module...

ALPINE-CVE-2024-46951

An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. An unchecked Implementation pointer in Pattern color space could lead to arbitrary code execution...

Artifex Ghostscript 安全漏洞

Artifex Ghostscript is a free software package from Artifex, Inc. based on Adobe, PostScript, and the Portable Document Format page description language. A security vulnerability exists in Artifex Ghostscript prior to version 10.04.0, which is caused by an unchecked implementation pointer in the...

CVE-2024-45746

Summary: CVE-2024-45746 affects Trusted Firmware-M up to version 2.1.0. The flaw lies in mailbox handling where user-provided in_vec/out_vec pointers are not validated, and the length of pending output arguments is updated after a PSA call regardless of the call result. This enables an attacker t...

SUSE CVE-2008-0010

The copyfromusermmapsem function in fs/splice.c in the Linux kernel 2.6.22 through 2.6.24 does not validate a certain userspace pointer before dereference, which allow local users to read from arbitrary kernel memory locations...

kernel: iwlwifi: mvm: check debugfs_dir ptr before use

A denial of service vulnerability was found in the Linux kernel. When debugfs is set as off in the kernel command line, iwiwifi's mvm module uses an invalid/unchecked debugfsdir pointer, resulting in disruption to availability...

kernel: iwlwifi: mvm: check debugfs_dir ptr before use

A denial of service vulnerability was found in the Linux kernel. When debugfs is set as off in the kernel command line, iwiwifi's mvm module uses an invalid/unchecked debugfsdir pointer, resulting in disruption to availability...

CVE-2022-2785 Arbitrary Memory read in BPF Linux Kernel

There exists an arbitrary memory read within the Linux Kernel BPF - Constants provided to fill pointers in structs passed in to bpfsysbpf are not verified and can point anywhere, including memory not owned by BPF. An attacker with CAPBPF can arbitrarily read memory from anywhere on the system. We...