| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Several commands in Brocade Fabric OS before Brocade Fabric OS v.9.0.1e, and v9.1.0 use unsafe string functions to process user input. Authenticated local attackers could abuse these vulnerabilities to exploit stack-based buffer overflows, allowing arbitrary code execution as the root user account. |
| A JQuery Unrestricted Arbitrary File Upload vulnerability was discovered in Hospital Management System V4.0 which allows an unauthenticated attacker to upload any file to the server. |
| Incomplete filtering of JavaScript code in different configuration fields of the web based interface of the VIDEOJET multi 4000 allows an attacker with administrative credentials to store JavaScript code which will be executed for all administrators accessing the same configuration option. |
| Memory corruption during array access in Camera kernel due to invalid index from invalid command data. |
| Memory corruption Camera kernel when large number of devices are attached through userspace. |
| Memory corruption while prociesing command buffer buffer in OPE module. |
| Memory corruption while invoking IOCTL calls from userspace to camera kernel driver to dump request information. |
| in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios. |
| in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference. |
| in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference. |
| Improper privilege management vulnerability in summary report management in Synology Presto File Server before 2.1.2-1601 allows remote authenticated users to bypass security constraint via unspecified vectors. |
| Memory corruption while processing an IOCTL call to set mixer controls. |
| Memory corruption can occur during context user dumps due to inadequate checks on buffer length. |
| Memory corruption while handling multiple IOCTL calls from userspace to operate DMA operations. |
| Memory corruption while sound model registration for voice activation with audio kernel driver. |
| Memory corruption may occur when invoking IOCTL calls from userspace to the camera kernel driver to dump request information, due to a missing memory requirement check. |
| A Improper Link Resolution Before File Access ('Link Following') vulnerability in a script called by the sendmail systemd service of openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: SUSE openSUSE Factory sendmail versions prior to 8.17.1-1.1. |
| Memory corruption while acquire and update IOCTLs during IFE output resource ID validation. |
| Memory corruption while reading secure file. |
| Memory corruption during the FRS UDS generation process. |
