90509 matches found
The vulnerability of the WPE WebKit and WebKitGTK web page rendering modules, related to writing beyond the buffer limit, allows attackers to cause service failures.
The vulnerability of the WPE WebKit and WebKitGTK page rendering modules is related to writing beyond the buffer boundaries. Exploiting this vulnerability can allow a remote attacker to cause a service failure...
The vulnerability of the udf_file_write_iter() function in the fs/udf/file.c module of the Linux kernel file system allows a attacker to cause a service failure.
The vulnerability of the udffilewriteiter function in the fs/udf/file.c module of the Linux kernel file system is related to the writing of an incorrect value as a parameter. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the as_wazuh_object() function on the security monitoring and threat detection platform Wazuh allows a perpetrator to execute arbitrary code.
The vulnerability of the aswazuhobject function on the security monitoring and threat detection platform Wazuh is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary code with root privileges by...
The vulnerability of the Mozilla Firefox browser, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.
The vulnerability of Mozilla Firefox’s CSS analysis and calculation components relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the smb2_compound_op() function in the fs/smb/client/smb2inode.c module, which is part of the SMB client support in Linux kernel, allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the smb2compoundop function in the fs/smb/client/smb2inode.c module, which is part of the SMB client support in Linux kernel, relates to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...
The vulnerabilities of the functions hci_link_keys_clear(), hci_smp_ltks_clear(), hci_smp_irks_clear(), and hci_blocked_keys_clear() in the net/bluetooth/hci_core.c module of the Linux operating system’s Bluetooth subsystem allow attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the functions hcilinkkeysclear, hcismpltksclear, hcismpirksclear, and hciblockedkeysclear in the net/bluetooth/hcicore.c module of the Linux operating system’s Bluetooth subsystem is related to the reallocation of previously freed memory. Exploiting this vulnerability could...
The vulnerability in the driver for the Samsung Exynos clock controller’s drivers/clk/mediatek/clk-mt8183.c file of the Linux operating system allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the Samsung Exynos frequency controller driver/drivers/clk/mediatek/clk-mt8183.c for Linux operating systems is related to reading beyond the allowed buffer limit due to incorrect coordination of allocated memory regions for timing controllers in secure power management...
The vulnerability of the amdgpu_vm_sdma_update() function in the drivers/gpu/drm/amd/amdgpu/amdgpu_vm_sdma.c file of the Direct Rendering Infrastructure (DRI) driver for AMD GPU cores in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the amdgpuvmsdmaupdate function in the drivers/gpu/drm/amd/amdgpu/amdgpuvmsdma.c file of the Direct Rendering Infrastructure DRI driver for AMD GPU cores in the Linux operating system is related to access violations when using shared resources. Exploiting this vulnerability c...
The vulnerability of the ext4_validate_block_bitmap() function in the fs/ext4/balloc.c module of the Ext4 file system in the Linux operating system allows a attacker to cause a service failure.
The vulnerability of the ext4validateblockbitmap function in the fs/ext4/balloc.c module of the Ext4 file system in the Linux operating system is related to the lack of validation for resource format correctness. Exploiting this vulnerability could allow an attacker to trigger a service failure...
The vulnerability in the SoundWire driver’s drivers/soundwire/qcom.c module of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability in the SoundWire driver’s qcom.c file in the Linux operating system lies in the access to memory beyond the permissible buffer data size limits, due to violations of resource configuration agreements. Exploiting this vulnerability can allow an attacker to compromise the...
The vulnerability of the mlx5_revoke_mr() function in the drivers/infiniband/hw/mlx5/mr.c file of the Linux kernel’s InfiniBand support driver allows a attacker to cause a service failure.
The vulnerability of the mlx5revokemr function in the drivers/infiniband/hw/mlx5/mr.c file of the Linux kernel’s InfiniBand support module is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the resource_stream_to_stream_idx() function in the drivers/gpu/drm/amd/display/dc/core/dc_resource.c file of the DRI support driver for AMD graphics cards in Linux operating systems allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the resourcestreamtostreamidx function in the drivers/gpu/drm/amd/display/dc/core/dcresource.c file of the Direct Rendering Infrastructure DRI support driver for AMD graphics cards in Linux operating systems is related to reading beyond the buffer boundaries. Exploiting this...
The vulnerability of the proc_dou8vec_minmax() function in the Linux kernel/sysctl.c module allows a hacker to trigger a service failure.
The vulnerability of the procdou8vecminmax function in the Linux kernel/sysctl.c module is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the dc_state_free() function in the drivers/gpu/drm/amd/display/dc/core/dc_state.c driver code allows a malicious actor to cause a service failure in AMD Linux-based graphics cards with Direct Rendering Infrastructure (DRI) support.
The vulnerability of the dcstatefree function in the drivers/gpu/drm/amd/display/dc/core/dcstate.c driver, which is part of the Direct Rendering Infrastructure DRI support for AMD graphics cards in Linux operating systems, involves pointer manipulation. Exploiting this vulnerability could allow a...
The vulnerability of the WPE WebKit and WebKitGTK page rendering modules, related to the use of memory after it is freed, allows attackers to cause a service failure.
The vulnerability of the WPE WebKit and WebKitGTK page rendering modules is related to the use of memory after it is freed. Exploiting this vulnerability can allow a remote attacker to cause a service failure...
The vulnerability of the WPE WebKit and WebKitGTK web page rendering modules, related to type conversion errors, allows attackers to trigger a service failure.
The vulnerability of the WPE WebKit and WebKitGTK page rendering modules is related to data type conversion errors. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
Vulnerability of the Audio/Video component: The playback feature of the Mozilla Firefox browser allows attackers to execute arbitrary code.
Vulnerability of the Audio/Video component: Browser playback in Mozilla Firefox is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of Netmaker’s virtual network platform, related to deficiencies in authentication procedures, allows attackers to compromise the confidentiality and integrity of the protected information.
The vulnerability of Netmaker’s virtual network platform is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality and integrity of the protected information...
The vulnerability of the xsk_diag_fill() function in the net/xdp/xsk_diag.c module, which is part of the networking functions of the Linux kernel, allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the xskdiagfill function in the net/xdp/xskdiag.c module, which implements networking functions for the Linux operating system’s kernel, is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the...
Vulnerabilities of the mlx5e_skb_fifo_pop() and mlx5e_ptphandle_ts_cqe() functions in the Linux operating system, which allow attackers to compromise the confidentiality, integrity, and accessibility of protected information
The vulnerabilities of the mlx5eskbfifopop and mlx5eptphandletscqe functions in the Linux operating system are related to the reutilization of previously released memory. Exploiting these vulnerabilities can allow attackers to compromise the confidentiality, integrity, and accessibility of...
The vulnerabilities in the functions imx_dsp_rproc_stop() and imx_dsp_rproc_vq_work() of the driver module remoteproc/imx_dsp_rproc.c, which is part of the Linux operating system’s embedded processor subsystem, allow a malicious actor to cause service failures.
The vulnerabilities of the functions imxdsprprocstop and imxdsprprocvqwork in the driver module remoteproc/imxdsprproc.c of the Linux operating system’s embedded processor subsystem are related to the lack of synchronization. Exploiting these vulnerabilities could allow an attacker to cause a...
The vulnerability of the decode_pool() function in the net/ceph/osdmap.c module, which is part of the Linux kernel’s networking functions, allows a hacker to gain access to protected information or cause service failures.
The vulnerability of the decodepool function in the net/ceph/osdmap.c module, which implements kernel networking functions in the Linux operating system, relates to reading beyond the buffer boundaries. Exploiting this vulnerability could allow a malicious actor to gain access to protected...
The vulnerability of the `fb_deferred_io_init()` function in the drivers/video/fbdev/core/fb_defio.c file of the Linux kernel’s graphics buffer device support driver allows a attacker to cause a service failure.
The vulnerability of the fbdeferredioinit function in the drivers/video/fbdev/core/fbdefio.c file of the Linux kernel’s graphics device support driver module is related to improper initialization. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the `udp_ehashfn()` function in the `net/ipv4/udp.c` module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the udpehashfn function in the net/ipv4/udp.c module of the Linux operating system is related to the execution of a loop without sufficient restrictions on its execution count. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the WPE WebKit and WebKitGTK page rendering modules, related to the occurrence of operations outside the buffer in memory, allows attackers to cause service failures.
The vulnerability of the WPE WebKit and WebKitGTK page rendering modules is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of the WPE WebKit and WebKitGTK web page rendering modules, related to memory usage after deallocation, allows attackers to trigger a denial-of-service attack.
The vulnerability of the WPE WebKit and WebKitGTK page rendering modules is related to the use of memory after deallocation. Exploiting this vulnerability can allow a remote attacker to cause a service failure...
The vulnerabilities of the functions bnxt_trim_dflt_sh_rings(), bnxt_set_dflt_rings(), and bnxt_init_dflt_ring_mode() in the module drivers/net/ethernet/broadcom/bnxt/bnxt.c of the Broadcom Ethernet network adapter driver for the Linux operating system, which allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerabilities of the functions bnxttrimdfltshrings, bnxtsetdfltrings, and bnxtinitdfltringmode in the driver/net/ethernet/broadcom/bnxt/bnxt.c file of the Broadcom Ethernet network adapter driver for the Linux operating system are related to accessing memory beyond the allowable data buffer...
The vulnerability of the dax_iomap_iter() function in the fs/dax.c module of the XFS file system in Linux operating systems allows a hacker to cause a service failure.
The vulnerability of the daxiomapiter function in the fs/dax.c module of the XFS file system in Linux operating systems is related to the improper handling of “dirty” cache blocks by the fsdax module when the Copy-on-Write mechanism is enabled. Exploiting this vulnerability can allow an attacker ...
The vulnerability of the ntfs_list_ea() function in the fs/ntfs3/xattr.c module of the NTFS file system in the Linux operating system allows a attacker to gain access to protected information or cause service interruptions.
The vulnerability of the ntfslistea function in the fs/ntfs3/xattr.c module of the NTFS file system in the Linux operating system is related to reading data beyond the allowed limits of the buffer. Exploiting this vulnerability could allow an attacker to access protected information or cause...
The vulnerability of the `create_io_worker()` function in the `io_uring/io-wq.c` module of the Linux kernel’s asynchronous input/output interface allows a attacker to cause a service failure.
The vulnerability of the createioworker function in the iouring/io-wq.c module, a component of the Linux kernel’s asynchronous input/output interface, is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability of the do_rbd_add() function in the drivers/block/rbd.c module of the Linux kernel’s block devices driver allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the dorbdadd function in the drivers/block/rbd.c module of the Linux kernel’s block devices driver is related to the reutilization of previously freed memory, as a result of the release of the rbddev structure’s fields spec and opts. Exploiting this vulnerability could allow ...
The vulnerabilities of the functions run_lwt_bpf() and bpf_lwt_xmit_reroute() in the net/core/lwt_bpf.c module, which are part of Linux’s kernel-based networking functions support, allow attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the functions runlwtbpf and bpflwtxmitreroute in the net/core/lwtbpf.c module relates to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of protected informatio...
The vulnerability in the mtk_drmBind() function of the drivers/gpu/drm/mediatek/mtk_drm_drv.c driver, a component of the Direct Rendering Infrastructure (DRI) graphics card driver for Mediatek’s Linux operating system, allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the mtkdrmbind function in the drivers/gpu/drm/mediatek/mtkdrmdrv.c driver for the Direct Rendering Infrastructure DRI of Mediatek graphics cards in Linux operating systems is related to the reutilization of previously freed memory. Exploiting this vulnerability can allow an...
The vulnerability of Netmaker’s virtual network platform, related to deficiencies in authentication procedures, allows attackers to compromise the integrity of protected information.
The vulnerability of Netmaker’s virtual network platform is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to remotely compromise the integrity of the protected information...
The vulnerability of Netmaker’s virtual network platform, related to deficiencies in authentication procedures, allows attackers to compromise the confidentiality of protected information.
The vulnerability of Netmaker’s virtual network platform is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to remotely influence the confidentiality of the protected information...
The vulnerability of the allocate_mr_list() function in the fs/cifs/smbdirect.c module of the Linux kernel file system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the allocatemrlist function in the fs/cifs/smbdirect.c module of the Linux kernel file system is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of t...
The vulnerability of the dpu_encoder_phys_wb_setup_ctl() function in the drivers/gpu/drm/msm/disp/dpu1/dpu_encoder_phys_wb.c driver of the Direct Rendering Infrastructure (DRI) kernel of the Linux operating system allows a attacker to cause a service failure.
The vulnerability of the dpuencoderphyswbsetupctl function in the drivers/gpu/drm/msm/disp/dpu1/dpuencoderphyswb.c module of the Direct Rendering Infrastructure DRI driver for the Linux operating system is related to pointer manipulation. Exploiting this vulnerability could allow a remote attacke...
The vulnerability of the qla_nvme_ls_req() function in the drivers/scsi/qla2xxx/qla_nvme.c module of the Linux operating system’s SCSI device driver allows a hacker to cause a service failure.
The vulnerability of the qlanvmelsreq function in the drivers/scsi/qla2xxx/qlanvme.c module of the Linux SCSI device driver is related to the pointer dereferencing that occurs during the attempt to start an uninitialized queue, whose functionality has been removed. Exploiting this vulnerability c...
The vulnerability of the `radeon_fence_is_signaled()` function in the `drivers/gpu/drm/radeon/radeon_fence.c` file of the DRI graphics card driver for Linux operating systems allows a hacker to trigger a service failure.
The vulnerability of the radeonfenceissignaled function in the drivers/gpu/drm/radeon/radeonfence.c file of the Direct Rendering Infrastructure DRI graphics card driver for Linux operating systems is related to insufficient resource locking. Exploiting this vulnerability can allow an attacker to...
The vulnerabilities of the functions iommufd_test_md_check_pa() and iommufd_test_md_check_refs() in the driver/iommu/iommufd/selftest.c module of the Linux operating system’s IOMMU driver allow a attacker to cause a service failure.
The vulnerabilities of the functions iommufdtestmdcheckpa and iommufdtestmdcheckrefs in the driver/iommu/iommufd/selftest.c module of the Linux operating system are related to copying buffers without checking the size of the input data a classic buffer overflow attack. Exploiting these...
The vulnerability of the buffer_prepare() function in the drivers/media/pci/cx23885/cx23885-core.c file of the Linux operating system’s multimedia device driver, which allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the bufferprepare function in the driver/media/pci/cx23885/cx23885-core.c file of the Linux operating system’s multimedia device driver library is related to the dereferencing of pointers due to lack of checking of the return value. Exploiting this vulnerability could allow a...
The vulnerability of the `dc_wake_and_execute_dmub_cmd_list()` function in the `drivers/gpu/drm/amd/display/dc/dc_dmub_srv.c` driver, a part of the DRI support driver for AMD graphics cards in Linux operating systems. This vulnerability allows an attacker to trigger a service failure.
The vulnerability of the dcwakeandexecutedmubcmdlist function in the drivers/gpu/drm/amd/display/dc/dcdmubsrv.c driver, which is part of the DRI support driver for AMD graphics cards in Linux operating systems, leads to synchronization errors when using shared resources. Exploiting this...
The vulnerability of the functions thc_i2c_subip regsave() and thc_i2c_subip regs_restore() in the driver/hid/intel-thc-hid/intel-thc/intel-thc-dev.c module of the Linux kernel’s user interface subsystem allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the functions thci2csubip regsave and thci2csubip regs Restore in the driver/hid/intel-thc-hid/intel-thc/intel-thc-dev.c module of the Linux kernel’s user interface device subsystem is related to accessing memory beyond the permissible buffer data size due to arithmetic addre...
The vulnerability of the web page rendering modules in WebKitGTK and WPE WebKit, related to insufficient input data validation, allows attackers to trigger service failures.
The vulnerability of the Web page rendering modules in WebKitGTK and WPE WebKit is related to insufficient validation of input data. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of the f2fs_decompress_cluster() function in the fs/f2fs/compress.c module of the F2FS file system in the Linux operating system allows a attacker to compromise the integrity and accessibility of protected information.
The vulnerability of the f2fsdecompresscluster function in the fs/f2fs/compress.c module of the F2FS file system in the Linux operating system is related to insufficient resource locking. Exploiting this vulnerability could allow an attacker to compromise the integrity and accessibility of...
The vulnerability of Mozilla Firefox’s CSS analysis and calculation components allows attackers to bypass existing security mechanisms safely.
The vulnerability of Mozilla Firefox’s CSS analysis and calculation components is related to the lack of verification of the reliability of data sources or messages. Exploiting this vulnerability can allow attackers to bypass existing security mechanisms remotely...
The vulnerability of the __nilfs_mark inode_dirty() function in the fs/nilfs2/inode.c file of the NILFS2 file system of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the nilfsmark inodedirty function in the fs/nilfs2/inode.c file of the NILFS2 file system in the Linux operating system is related to the repeated use of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrit...
The vulnerability in the driver *drivers/acpi/acpica/psopcode.c* of the ACPI driver (an extended configuration and power management interface for the Linux kernel) allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability in the drivers/acpi/acpica/psopcode.c driver of the ACPI framework an extended configuration and power management interface for Linux kernels involves accessing memory beyond the permissible buffer data boundaries due to a violation of the specifications for data transmitted to...
The vulnerability of Netmaker’s virtual network platform, related to improper cleaning or release of resources, allows a hacker to cause a service failure.
The vulnerability of Netmaker’s virtual network platform is related to improper cleaning or release of resources. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures...
The vulnerability of the output() function in the jsPDF PDF-generation library allows a hacker to execute arbitrary code.
The vulnerability of the output function in the jsPDF PDF-generation library relates to the lack of protection for the web page structure during the processing of the options parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary code, provided that the user opens ...