CVE-2024-21813

Exposure of resource to wrong sphere in some IntelR DTT software installers may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2024-21813

Exposure of resource to wrong sphere in some IntelR DTT software installers may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2024-21813

Exposure of resource to wrong sphere in some IntelR DTT software installers may allow an authenticated user to potentially enable escalation of privilege via local access...

Intel Dynamic Tuning Technology 安全漏洞

Intel Dynamic Tuning Technology is a technology from Intel Corporation that enables smarter and more efficient performance management by dynamically tuning processor and system performance parameters. A security vulnerability exists in Intel Dynamic Tuning Technology, which arises from an issue...

amphp/artax Cookie leakage to wrong origins and non-restricted cookie acceptance

In artax version before 1.0.6 and 2 before 2.0.6, cookies of foo.bar.example.com were leaked to foo.bar. Additionally, any site could set cookies for any other site. Artax fixed this issue by following newer browser implementations now. Cookies can only be set on domains higher or equal to the...

asymmetricrypt/asymmetricrypt Padding Oracle Vulnerability in RSA Encryption

The encryption and decryption process were vulnerable against the Bleichenbacher's attack, which is a padding oracle vulnerability disclosed in the 98'. The issue was about the wrong padding utilized, which allowed to retrieve the encrypted content. The OPENSSLPKCS1PADDING version, aka PKCS v1.5...

PT-2024-10053 · Intel · Intel Dtt

Name of the Vulnerable Software and Affected Versions: Intel DTT software affected versions not specified Description: The issue is related to the exposure of resources to the wrong sphere in some Intel DTT software installers, potentially allowing an authenticated user to enable escalation of...

The vulnerability of the microprogrammed software of the MELSEC iQ-R Series Safety CPU and Series SIL2 Process CPU modules lies in the overly restrictive mechanism for blocking user accounts. This allows a malicious person to lock out the user account.

The vulnerability of the microprogrammed software of MELSEC iQ-R Series Safety CPUs and Series SIL2 Process CPUs is related to an overly restrictive mechanism for blocking user accounts. Exploiting this vulnerability could allow a malicious actor to lock out a user’s account by entering a known...

The vulnerability of Xenstore information storage in Xen hypervisors allows a attacker to cause a service failure.

The vulnerability of Xenstore information storage in Xen hypervisors is related to the exploitation of a wrong pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...

PT-2024-25818 · Unknown · Spacemesh Api +1

Name of the Vulnerable Software and Affected Versions: go-spacemesh versions prior to 1.5.2-hotfix1 Spacemesh API versions prior to 1.37.1 Description: The issue allows nodes to publish activations transactions ATXs that reference an incorrect previous ATX of the Smesher that created the ATX. Thi...

UBUNTU-CVE-2022-48694

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix drain SQ hang with no completion SW generated completions for outstanding WRs posted on SQ after QP is in error target the wrong CQ. This causes the ibdrainsq to hang with no completion. Fix this to generate...

CVE-2022-48694 RDMA/irdma: Fix drain SQ hang with no completion

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix drain SQ hang with no completion SW generated completions for outstanding WRs posted on SQ after QP is in error target the wrong CQ. This causes the ibdrainsq to hang with no completion. Fix this to generate...

PT-2024-7187

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to the function dcn302 fpu update bw bounding box in the drm/amd/display module, where an incorrect index calculation can occur. This may allow an attacker to impact...

kernel: ext4: set goal start correctly in ext4_mb_normalize_request

A flaw was found in the Linux kernel's ext4 filesystem block allocator. In ext4mbnormalizerequest, the goal start was being set incorrectly acfex instead of acgex, and boundary validation was missing. Without proper range checking, an underflow in ar-pright - size could pass an invalid value to...

Oracle VirtualBox Web Service Exposure of Resource to Wrong Sphere Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Oracle VirtualBox. Authentication is not required to exploit this vulnerability. The specific flaw exists within the vboxwebsrv service. The issue results from the exposure of a resource to t...

CosmWasm affected by arithmetic overflows

Some mathematical operations in cosmwasm-std use wrapping math instead of panicking on overflow for very big numbers. This can lead to wrong calculations in contracts that use these operations. Affected functions: - Uint256,512::pow / Int256,512::pow - Int256,512::neg Affected if overflow-checks ...

RUSTSEC-2024-0338 Arithmetic overflows in cosmwasm-std

Some mathematical operations in cosmwasm-std use wrapping math instead of panicking on overflow for very big numbers. This can lead to wrong calculations in contracts that use these operations. Affected functions: - Uint256,512::pow / Int256,512::pow - Int256,512::neg Affected if overflow-checks ...

Mozilla: GetBoundName in the JIT returned the wrong object

The Mozilla Foundation Security Advisory describes this flaw as: GetBoundName could return the wrong version of an object when JIT optimizations were applied...

Mozilla: GetBoundName in the JIT returned the wrong object

The Mozilla Foundation Security Advisory describes this flaw as: GetBoundName could return the wrong version of an object when JIT optimizations were applied...

Mozilla: GetBoundName in the JIT returned the wrong object

The Mozilla Foundation Security Advisory describes this flaw as: GetBoundName could return the wrong version of an object when JIT optimizations were applied...