| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Memory corruption while processing a message, when the buffer is controlled by a Guest VM, the value can be changed continuously. |
| Memory corruption while processing an IOCTL request, when buffer significantly exceeds the command argument limit. |
| Memory corruption while reading the FW response from the shared queue. |
| Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer. |
| Memory corruption while processing image encoding, when input buffer length is 0 in IOCTL call. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Airflow Common SQL Provider.
When using the partition clause in SQLTableCheckOperator as parameter (which was a recommended pattern), Authenticated UI User could inject arbitrary SQL command when triggering DAG exposing partition_clause to the user.
This allowed the DAG Triggering user to escalate privileges to execute those arbitrary commands which they normally would not have.
This issue affects Apache Airflow Common SQL Provider: before 1.24.1.
Users are recommended to upgrade to version 1.24.1, which fixes the issue. |
| Memory corruption while processing image encoding, when configuration is NULL in IOCTL parameter. |
| Memory corruption while processing escape code, when DisplayId is passed with large unsigned value. |
| Memory corruption occurs during the copying of read data from the EEPROM because the IO configuration is exposed as shared memory. |
| Schema parsing in the parquet-avro module of Apache Parquet 1.15.0 and previous versions allows bad actors to execute arbitrary code.
While 1.15.1 introduced a fix to restrict untrusted packages, the default setting of trusted packages still allows malicious classes from these packages to be executed.
The exploit is only applicable if the client code of parquet-avro uses the "specific" or the "reflect" models deliberately for reading Parquet files. ("generic" model is not impacted)
Users are recommended to upgrade to 1.15.2 or set the system property "org.apache.parquet.avro.SERIALIZABLE_PACKAGES" to an empty string on 1.15.1. Both are sufficient to fix the issue. |
| Memory corruption can occur when TME processes addresses from TZ and MPSS requests without proper validation. |
| IBM Maximo Application Suite 9.0 could allow an attacker with some level of access to elevate their privileges due to a security configuration vulnerability in Role-Based Access Control (RBAC) configurations. |
| Dell Storage Center - Dell Storage Manager, version(s) 20.1.20, contain(s) an Improper Restriction of XML External Entity Reference vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Information disclosure and Information tampering. |
| Memory corruption while processing escape code in API. |
| Dell Storage Center - Dell Storage Manager, version(s) 20.1.20, contain(s) an Improper Authentication vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Elevation of privileges. |
| Memory corruption occurs when handling client calls to EnableTestMode through an Escape call. |
| Use after free in WebAudio in Google Chrome prior to 136.0.7103.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) |
| Memory corruption may occur due top improper access control in HAB process. |
| Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request from the AP to establish a TSpec session. |
| Out-of-bounds write in libsavscmn prior to Android 15 allows local attackers to execute arbitrary code. |
