In the SEPolicy configuration of system apps, there is a possible access to the ‘ip’ utility due to an insecure default value. This could lead…

A DMA reentrancy issue was found in the Tulip device emulation in QEMU. When Tulip reads or writes to the rx/tx descriptor or copies the…

Improper Access Control vulnerability in the Duo SMS two-factor of Devolutions Remote Desktop Manager 2022.2.14 and earlier allows attackers to bypass the application lock. This…

An XSS exists in automation controller UI where the project name is susceptible to XSS injection Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için…

Under certain conditions an attacker authenticated as a CMS administrator access the BOE Commentary database and retrieve (non-personal) system data, modify system data but can’t…

Unisys Data Exchange Management Studio before 6.0.IC2 and 7.x before 7.0.IC1 doesn’t have an Anti-CSRF token to authenticate the POST request. Thus, a cross-site request…

In PVRSRVRGXSubmitTransferKM of rgxtransfer.c, there is a possible user after free due to a race condition. This could lead to local escalation of privilege with…

In PVRSRVBridgePMRPDumpSymbolicAddr of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This…

The path in this case is a little bit convoluted. The end result is that via an ioctl an untrusted app can control the ui32PageIndex…

Windows TCP/IP Remote Code Execution Vulnerability. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database