7 matches found
CVE-2026-45195 GPU DDK - rgxfw_set_mips_fault_address(&psInit->sFaultPhysAddr) is untrusted
Kernel software installed and running inside a Host VM may post improper commands to the GPU Firmware to trigger a memory read or write outside the permitted range of memory for the host kernel. Addresses passed to the GPU Firmware can be used by the Firmware for more privileged memory accesses...
PYSEC-2025-59
Remote Code Execution with untrusted URI of UDF vulnerability in Apache IoTDB. The attacker who hasprivilege to create UDF can register malicious function fromuntrusted URI.This issue affects Apache IoTDB: from 1.0.0 before 1.3.4.Users are recommended to upgrade to version 1.3.4, which fixes the...
nodejs: using the fetch() function to retrieve content from an untrusted URL leads to denial of service
A flaw was found in Node.js that allows a denial of service attack through resource exhaustion when using the fetch function to retrieve content from an untrusted URL. The vulnerability stems from the fetch function in Node.js that always decodes Brotli, making it possible for an attacker to caus...
UBUNTU-CVE-2024-22025
A vulnerability in Node.js has been identified, allowing for a Denial of Service DoS attack through resource exhaustion when using the fetch function to retrieve content from an untrusted URL. The vulnerability stems from the fact that the fetch function in Node.js always decodes Brotli, making i...
Authorization Bypass
OpenZeppelin Contracts is vulnerable to authentication bypass. The vulnerability exists because initializer modifier is not properly handled which allows an attacker to cause reentrancy by executing an external call to an untrusted address...
Mozilla: WebRTC permission prompt could have been bypassed by a compromised content process
When constructing a permission prompt for WebRTC, a URI was supplied from the content process. This URI was untrusted, and could have been the URI of an origin that was previously granted permission; bypassing the prompt. This vulnerability affects Firefox 78...
PT-2019-1345 · D Link · D-Link Dir-823G
Name of the Vulnerable Software and Affected Versions: D-Link DIR-823G devices with firmware through 1.02B03 Description: An issue allows attackers to execute arbitrary OS commands via shell metacharacters in a crafted /HNAP1 request. This occurs when the GetNetworkTomographyResult function calls...