PT-2023-1471 · Amd · Amd System Management Unit

Name of the Vulnerable Software and Affected Versions: AMD System Management Unit SMU affected versions not specified Description: The issue is related to insufficient input validation in the System Management Unit SMU of AMD processors. This may allow an attacker to improperly lock resources,...

PT-2023-1373 · Amd · Amd System Management Unit

Name of the Vulnerable Software and Affected Versions: AMD System Management Unit SMU affected versions not specified Description: The issue is related to insufficient input validation in the SMU, which may allow a physical attacker to exfiltrate SMU memory contents over the I2C bus, potentially...

PT-2023-1488 · Amd · Amd System Management Unit +2

Name of the Vulnerable Software and Affected Versions: AMD Secure Processor ASP affected versions not specified AMD System Management Unit SMU affected versions not specified AMD Secure Encrypted Virtualization SEV affected versions not specified Description: The issue is related to errors in...

CVE-2022-32647

In ccu, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07554646; Issue ID: ALPS07554646...

BitRAT Now Sharing Sensitive Bank Data as a Lure

Introduction In June of 2022 Qualys Threat Research Unit TRU wrote an in-depth report on Redline, a commercial off the shelf infostealer that spreads via fake cracked software hosted on Discord’s content delivery network. Since then, we have continued to track similar threats to identify their...

PT-2023-13100 · Gpu Drm · Gpu Drm

Name of the Vulnerable Software and Affected Versions: GPU DRM affected versions not specified Description: The issue is related to a possible stack overflow in GPU DRM due to a missing bounds check. This could lead to local escalation of privilege, with System execution privileges needed. User...

UBUNTU-CVE-2022-34676

NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an out-of-bounds read may lead to denial of service, information disclosure, or data tampering...

NVIDIA GPU Display Driver 代码问题漏洞

NVIDIA GPU Display Driver is a driver software from NVIDIA Corporation that is used for interactive support of graphics card display modules in operating systems. A security vulnerability exists in NVIDIA GPU Display Driver that originates in the kernel mode layer where an unprivileged, regular...

PT-2022-6465 · Rittal · Rittal Cmc Pu Iii

Name of the Vulnerable Software and Affected Versions: Rittal CMC III affected versions not specified Description: The issue is related to inadequate access control in the Rittal CMC III central control unit, which can be exploited by an attacker to gain unauthorized access to protected informati...

An issue was discovered in the Linux kernel through 5.16-rc6. malidp_crtc_reset in drivers/gpu/drm/arm/malidp_crtc.c lacks check of the return value of kzalloc() and will cause the null pointer dereference.

...

Mozilla: Use-after-free in WebGL

The Mozilla Foundation Security Advisory describes this flaw as: A missing check related to tex units could have led to a use-after-free and potentially exploitable crash...

Mozilla: Use-after-free in WebGL

The Mozilla Foundation Security Advisory describes this flaw as: A missing check related to tex units could have led to a use-after-free and potentially exploitable crash...

PT-2022-12204 · Siemens · Simatic Drive Controller Cpu 1504D Tf +73

Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned Description: The issue concerns the processing of specially crafted packets sent to port 102/tcp. This could potentially allow an attacker to cause a denial of service in the affected devices...

ARM Mali GPU Kernel Driver 资源管理错误漏洞

The ARM Mali GPU Kernel Driver is a driver for a graphics processor unit from ARM UK. The Arm Mali GPU Kernel Driver suffers from a resource management error vulnerability that originates from the fact that an unprivileged user can access freed memory leading to post-freedom reuse through imprope...

PT-2022-36134 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.80 Description: A potential security issue exists due to inconsistent minimal MTU enforcement in macvlan. The actual impact and attack plausibility have not yet been proven. It was introduced in version...

Vice Society Ransomware Attackers Targeted Dozens of Schools in 2022

The Vice Society cybercrime group has disproportionately targeted educational institutions, accounting for 33 victims in 2022 and surpassing other ransomware families like LockBit, BlackCat, BianLian, and Hive. Other prominent industry verticals targeted include healthcare, governments,...

MediaTek 芯片 缓冲区错误漏洞

MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips, which stems from a logic error found in the mpu that could lead to memory corruption...

unit-conversion.info Cross Site Scripting vulnerability OBB-3085845

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

A race condition in the x86 KVM subsystem in the Linux kernel through 6.1-rc6 allows guest OS users to cause a denial of service (host OS crash or host OS memory corruption) when nested virtualisation and the TDP MMU are enabled.

...

New Opera 93 Stable update includes fix for latest Chromium zero-day

Security New Opera 93 Stable update includes fix for latest Chromium zero-day Share December 2nd, 2022 Hi everyone! Opera for Windows and Mac have received Stable updates 93.0.4585.37 and 93.0.4585.39 respectively. Among other things, these updates include Chromium update 107.0.5304.122, which...