CVE-2024-39571

A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2 HF1. Affected applications are vulnerable to command injection due to missing server side input sanitation when loading SNMP configurations. This could allow an attacker with the right to modify the SNMP...

CVE-2024-39871

A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2 SP1. Affected applications do not properly separate the rights to edit device settings and to edit settings for communication relations. This could allow an authenticated attacker with the permission to manage...

GSD-2023-1002061 i2c: designware: use casting of u64 in clock multiplication to avoid overflow

i2c: designware: use casting of u64 in clock multiplication to avoid overflow This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.91 by commit...

GSD-2023-1001908 i2c: designware: use casting of u64 in clock multiplication to avoid overflow

i2c: designware: use casting of u64 in clock multiplication to avoid overflow This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.9 by commit...

GSD-2023-1001539 dm thin: Use last transaction's pmd->root when commit failed

dm thin: Use last transaction's pmd-root when commit failed This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.337 by commit...

GSD-2023-1001530 drm/vmwgfx: Validate the box size for the snooped cursor

drm/vmwgfx: Validate the box size for the snooped cursor This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.337 by commit...

GSD-2023-1000932 dm thin: Fix UAF in run_timer_softirq()

dm thin: Fix UAF in runtimersoftirq This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.87 by commit 34cd15d83b7206188d440b29b68084fcafde9395,...

GSD-2022-1007116 KVM: nVMX: Don't propagate vmcs12's PERF_GLOBAL_CTRL settings to vmcs02

KVM: nVMX: Don't propagate vmcs12's PERFGLOBALCTRL settings to vmcs02 This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.75 by commit...

TPCMS arbitrary file upload vulnerability

TPCMS, an open source content management system from the individual developers of Source of Happiness, is vulnerable to an arbitrary file upload vulnerability in version v3.2, which stems from a lack of validation of uploaded files by the application. An attacker could exploit this vulnerability ...

GSD-2021-1002524 staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect()

staging: rtl8192e: Fix use after free in rtl92epcidisconnect This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.6 by commit...

GSD-2021-1002503 can: sja1000: fix use after free in ems_pcmcia_add_card()

can: sja1000: fix use after free in emspcmciaaddcard This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.85 by commit...

GSD-2021-1002397 can: sja1000: fix use after free in ems_pcmcia_add_card()

can: sja1000: fix use after free in emspcmciaaddcard This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.258 by commit...

GSD-2021-1002369 staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect()

staging: rtl8192e: Fix use after free in rtl92epcidisconnect This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.292 by commit...

GSD-2021-1002280 NFC: add NCI_UNREG flag to eliminate the race

NFC: add NCIUNREG flag to eliminate the race This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.82 by commit...

Mini-XML 3.2 Heap Overflow

Exploit Title: Mini-XML 3.2 - Heap Overflow Google Dork: mxml Mini-xml Mini-XML Date: 2020.10.19 Exploit Author: LIWEI Vendor Homepage: https://www.msweet.org/mxml/ Software Link: https://github.com/michaelrsweet/mxml Version: v3.2 Tested on: ubuntu 18.04.2 1.- compile the Mini-XML code to a...