20 matches found
CVE-2019-1010112
OECMS v4.3.R60321 and v4.3 later is affected by: Cross Site Request Forgery CSRF. The impact is: The victim clicks on adding an administrator account. The component is: admincp.php. The attack vector is: network connectivity. The fixed version is: v4.3...
GSD-2023-1001469 Input: elants_i2c - properly handle the reset GPIO when power is off
Input: elantsi2c - properly handle the reset GPIO when power is off This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.163 by commit...
GSD-2022-1006175 x86/pmem: Fix platform-device leak in error path
x86/pmem: Fix platform-device leak in error path This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.256 by commit...
GSD-2022-1006130 spmi: trace: fix stack-out-of-bound access in SPMI tracing functions
spmi: trace: fix stack-out-of-bound access in SPMI tracing functions This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.256 by commit...
GSD-2022-1005821 spmi: trace: fix stack-out-of-bound access in SPMI tracing functions
spmi: trace: fix stack-out-of-bound access in SPMI tracing functions This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.137 by commit...
GSD-2022-1004078 drm/msm/hdmi: check return value after calling platform_get_resource_byname()
drm/msm/hdmi: check return value after calling platformgetresourcebyname This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.318 by commit...
GSD-2022-1000647 af_packet: fix data-race in packet_setsockopt / packet_setsockopt
afpacket: fix data-race in packetsetsockopt / packetsetsockopt This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.6 by commit...
GSD-2022-1000197 drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable
drm/msm/dsi: invalid parameter check in msmdsiphyenable This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.96 by commit...
GSD-2022-1000108 af_packet: fix data-race in packet_setsockopt / packet_setsockopt
afpacket: fix data-race in packetsetsockopt / packetsetsockopt This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.265 by commit...
GSD-2022-1000087 af_packet: fix data-race in packet_setsockopt / packet_setsockopt
afpacket: fix data-race in packetsetsockopt / packetsetsockopt This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.300 by commit...
UVI-2021-1002154 nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells
nvmem: Fix shift-out-of-bound UBSAN with byte size cells This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15 by commit...
UVI-2021-1002084 nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells
nvmem: Fix shift-out-of-bound UBSAN with byte size cells This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.14.14 by commit...
GSD-2021-1002084 nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells
nvmem: Fix shift-out-of-bound UBSAN with byte size cells This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.14.14 by commit...
UVI-2021-1001975 nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells
nvmem: Fix shift-out-of-bound UBSAN with byte size cells This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.213 by commit...
GSD-2021-1001470 net: validate lwtstate->data before returning from skb_tunnel_info()
net: validate lwtstate-data before returning from skbtunnelinfo This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.4.277 by commit...
GSD-2021-1001439 net: validate lwtstate->data before returning from skb_tunnel_info()
net: validate lwtstate-data before returning from skbtunnelinfo This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.277 by commit...
UVI-2021-1001371 net: validate lwtstate->data before returning from skb_tunnel_info()
net: validate lwtstate-data before returning from skbtunnelinfo This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.199 by commit...
GSD-2021-1000690 tipc: skb_linearize the head skb when reassembling msgs
tipc: skblinearize the head skb when reassembling msgs This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.271 by commit...
GSD-2021-1000597 tipc: skb_linearize the head skb when reassembling msgs
tipc: skblinearize the head skb when reassembling msgs This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.42 by commit...
Cross site request forgery (csrf)
OECMS v4.3.R60321 and v4.3 later is affected by: Cross Site Request Forgery CSRF. The impact is: The victim clicks on adding an administrator account. The component is: admincp.php. The attack vector is: network connectivity. The fixed version is: v4.3...