29 matches found
EUVD-2017-18662
Malware in sbrugna...
EUVD-2024-22946
Malicious code in bioql PyPI...
CVE-2024-25626
Yocto Project is an open source collaboration project that helps developers create custom Linux-based systems regardless of the hardware architecture. In Yocto Projects Bitbake before 2.6.2 before and included Yocto Project 4.3.1, with the Toaster server included in bitbake running, missing input...
PT-2024-9220 · Mediatek +1 · Mediatek Microchips +1
Name of the Vulnerable Software and Affected Versions: MediaTek microchip software affected versions not specified Android versions 12.0 through 15.0 openWRT versions 19.07 through 23.05 Yocto version 4.0 RDK-B versions 22Q3 through 24Q1 Description: The issue is related to an out-of-bounds write...
CVE-2024-25626
Yocto Project is an open source collaboration project that helps developers create custom Linux-based systems regardless of the hardware architecture. In Yocto Projects Bitbake before 2.6.2 before and included Yocto Project 4.3.1, with the Toaster server included in bitbake running, missing input...
Input validation
Yocto Project is an open source collaboration project that helps developers create custom Linux-based systems regardless of the hardware architecture. In Yocto Projects Bitbake before 2.6.2 before and included Yocto Project 4.3.1, with the Toaster server included in bitbake running, missing input...
CVE-2024-25626 Yocto Project Security Advisory - BitBake/Toaster
Yocto Project is an open source collaboration project that helps developers create custom Linux-based systems regardless of the hardware architecture. In Yocto Projects Bitbake before 2.6.2 before and included Yocto Project 4.3.1, with the Toaster server included in bitbake running, missing input...
CVE-2024-25626 Yocto Project Security Advisory - BitBake/Toaster
Yocto Project is an open source collaboration project that helps developers create custom Linux-based systems regardless of the hardware architecture. In Yocto Projects Bitbake before 2.6.2 before and included Yocto Project 4.3.1, with the Toaster server included in bitbake running, missing input...
CVE-2024-25626 Yocto Project Security Advisory - BitBake/Toaster
Yocto Project is an open source collaboration project that helps developers create custom Linux-based systems regardless of the hardware architecture. In Yocto Projects Bitbake before 2.6.2 before and included Yocto Project 4.3.1, with the Toaster server included in bitbake running, missing input...
CVE-2024-25626
The CVE-2024-25626 issue affects Yocto Project’s BitBake/Toaster: when the Toaster web interface is running, there is missing input validation in the Toaster server that can allow remote code execution via a crafted HTTP request. Authentication is not required, and the Toaster server is not part ...
Yocto Project poky Operating System Command Injection Vulnerability
poky is an open source application from The Yocto Project. An operating system command injection vulnerability exists in versions prior to Yocto Project poky 4.3.2, which stems from a lack of input validation. An attacker exploits this vulnerability to remotely execute code in a server shell via...
@essex/powerbi-visual-scripts (=1.1.0), @essex/visual-settings (>=1.0.0 <=3.0.0) +13 more potentially affected by CVE-2018-25049 via email-existence (>=0.1.2 <=0.1.6)
email-existence NPM version =0.1.2, =1.0.0, =1.0.0, =0.1.5, =1.0.1, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.4.1, =1.0.0, =1.1.6, =1.2.4 Source cves: CVE-2018-25049 Source advisory: OSV:GHSA-P27H-4CPF-FW48...
MediaTek 芯片代码问题漏洞
MediaTek Chipsets are a variety of chips from MediaTek, a Chinese company MediaTek. A security vulnerability exists in MediaTek Chipsets, which originates from an anomaly check in wlan, and can be exploited by an attacker to locally escalate privileges, affecting the following products and...
Google Android Access Privilege Control Vulnerability (CNVD-2019-24173)
Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. An access control error vulnerability exists in Yocto in Android. An attacker can exploit the vulnerability to modify properties...
Google Android Access Privilege Control Vulnerability (CNVD-2019-24172)
Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. A privilege permission and access control vulnerability exists in Yocto in Android. An attacker can exploit the vulnerability to cause a security issue in the current scenario,...
Android Permission License and Access Control Vulnerability (CNVD-2019-09148)
Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. A privilege permission and access control vulnerability exists in Yocto in Android, which stems from the program's failure to perform proper access control. A detailed vulnerabili...
Android Permission License and Access Control Vulnerability (CNVD-2019-09147)
Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. A privilege license and access control vulnerability exists in Yocto in Android. A detailed vulnerability description is not available at this time...
Android Privilege Permission and Access Control Vulnerabilities
Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. A privilege permission and access control vulnerability exists in Yocto in Android that stems from the program not properly configuring nodes. A detailed vulnerability description...
Android Permission License and Access Control Vulnerability (CNVD-2019-09149)
Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. A privilege permission and access control vulnerability exists in Yocto in Android, which stems from the program's failure to perform proper access control. A detailed vulnerabili...
Android Permission License and Access Control Vulnerability (CNVD-2019-09150)
Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. A privilege permission and access control vulnerability exists in Yocto in Android, which stems from the program's failure to perform proper access control. A detailed vulnerabili...