GSD-2023-1001270 drm/vmwgfx: Validate the box size for the snooped cursor

drm/vmwgfx: Validate the box size for the snooped cursor This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.163 by commit...

GSD-2023-1000176 tipc: re-fetch skb cb after tipc_msg_validate

tipc: re-fetch skb cb after tipcmsgvalidate This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.82 by commit...

CVE-2022-23814

Failure to validate addresses provided by software to BIOS commands may result in a potential loss of integrity of guest memory in a confidential compute environment...

GHSA-WQQV-JCFR-9F5G PocketMine-MP has improperly handled dye colour IDs in banner NBT, leading to server crash

Impact DyeColorIdMap-fromId did not account for the possibility that it might be given invalid input. This means that an undefined offset error would occur whenever this happened. This code is indirectly called during Banner-deserializeCompoundTag, which is invoked when deserializing any item NBT...

PT-2022-9029 · Openmrs · Openmrs Appointment Scheduling Module

Name of the Vulnerable Software and Affected Versions: OpenMRS Appointment Scheduling Module versions up to 1.12.x Description: A problematic issue has been found, affecting the validateFieldName function of the AppointmentTypeValidator.java file. This leads to cross-site scripting and can be...

CVE-2022-47895

In JetBrains IntelliJ IDEA before 2022.3.1 the "Validate JSP File" action used the HTTP protocol to download required JAR files...

CVE-2022-47895

In JetBrains IntelliJ IDEA before 2022.3.1 the "Validate JSP File" action used the HTTP protocol to download required JAR files...

CVE-2022-47895

In JetBrains IntelliJ IDEA before 2022.3.1 the "Validate JSP File" action used the HTTP protocol to download required JAR files...

CVE-2022-47895

JetBrains IntelliJ IDEA before 2022.3.1 is affected by CVE-2022-47895 through the "Validate JSP File" action, which uses HTTP to download required JAR files. The underlying issue enables a scenario where an attacker could influence the download of JARs, potentially enabling exploitation via deser...

JetBrains IntelliJ IDEA 安全漏洞

JetBrains IntelliJ IDEA is an integrated development environment for the Java language from the Czech company JetBrains. A security vulnerability exists in JetBrains IntelliJ IDEA prior to version 2022.3.1, which is caused by the "Validate JSP file" operation using the HTTP protocol to download t...

PT-2022-7094 · Jetbrains · Intellij Idea

Name of the Vulnerable Software and Affected Versions: JetBrains IntelliJ IDEA versions prior to 2022.3.1 Description: The issue is related to the "Validate JSP File" action in IntelliJ IDEA, which used the HTTP protocol to download required JAR files. This allows a remote attacker to download...

CLSA-2022-1671123868 rpm: Fix of 2 CVEs

CVE-2021-35939: validate intermediate symlinks during installation - CVE-2021-35938: set file metadata via fd-based ops for everything but symlinks - Fix file descriptor leak recently introduced in rpmPackageFilesInstall...

PT-2022-26184 · Unknown · Bigbluebutton

Name of the Vulnerable Software and Affected Versions: BigBlueButton versions prior to 2.4.3 Description: The issue is related to Insufficient Verification of Data Authenticity, resulting in Denial of Service. An attacker can make a Meteor call to validateAuthToken using a victim's userId,...

Code injection

Browsershot version 3.57.3 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate that the JS content imported from an external source passed to the Browsershot::html method does not contain URLs that use the file:// protoc...

Exchange's _returnDust() does not validate return value of call() to send excess ETH to sender.

Lines of code Vulnerability details Impact When a caller to Exchange's execute or bulkExecute includes more ETH than is required to complete the transactions, returnDust is intended to return this excess back to the caller. However, returnDust does not validate that the call it performs to return...

PT-2022-35578 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.150 Description: The issue concerns an error in the length of the VALIDATE NEGOTIATE INFO message in the cifs component. The actual impact and potential for attack have not been proven yet. Recommendations...

Cross site scripting

SalonERP version 3.0.2 allows an external attacker to steal the cookie of arbitrary users. This is possible because the application does not correctly validate the page parameter against XSS attacks...

Code injection

Relatedcode's Messenger version 7bcd20b allows an authenticated external attacker to access existing chats in the workspaces of any user of the application. This is possible because the application does not validate permissions correctly...

StandardPolicyERC1155.sol doesn't validate the order.amount properly.

Lines of code Vulnerability details Impact StandardPolicyERC1155.sol doesn't validate the order.amount properly. This contract is used to check a policy for matching orders of ERC1155 tokens. But it doesn't check the amount of ERC1155 token properly and traders might lose their funds unexpectedly...

Rockwell Automation Factory Talk VantagePoint SQL Injection Vulnerability

Rockwell Automation Factory Talk VantagePoint is an advanced industrial application ecosystem from Rockwell Automation, Inc. The SQL injection vulnerability in Rockwell Automation Factory Talk VantagePoint stems from a failure to properly validate SQL statements entered by users when retrieving...