| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Memory corruption while prociesing command buffer buffer in OPE module. |
| A broken access control vulnerability previously discovered in the Trend Vision One User Account component could have allowed an administrator to create users who could then change the role of the account and ultimately escalate privileges.
Please note: ths issue has already been addressed on the backend service and is no longer considered an active vulnerability. |
| Memory corruption while invoking IOCTL calls from userspace to camera kernel driver to dump request information. |
| A broken access control vulnerability previously discovered in the Trend Vision One User Roles component could have allowed an administrator to create users who could then change the role of the account and ultimately escalate privileges.
Please note: ths issue has already been addressed on the backend service and is no longer considered an active vulnerability. |
| Memory corruption while acquire and update IOCTLs during IFE output resource ID validation. |
| Memory corruption may occur when invoking IOCTL calls from userspace to the camera kernel driver to dump request information, due to a missing memory requirement check. |
| A broken access control vulnerability previously discovered in the Trend Vision One Status component could have allowed an administrator to create users who could then change the role of the account and ultimately escalate privileges.
Please note: ths issue has already been addressed on the backend service and is no longer considered an active vulnerability. |
| Memory corruption while sound model registration for voice activation with audio kernel driver. |
| A broken access control vulnerability previously discovered in the Trend Vision One Role Name component could have allowed an administrator to create users who could then change the role of the account and ultimately escalate privileges.
Please note: ths issue has already been addressed on the backend service and is no longer considered an active vulnerability. |
| Memory corruption while handling multiple IOCTL calls from userspace to operate DMA operations. |
| Remote Code Execution security vulnerability in pgAdmin 4 (Query Tool and Cloud Deployment modules).
The vulnerability is associated with the 2 POST endpoints; /sqleditor/query_tool/download, where the query_commited parameter and /cloud/deploy endpoint, where the high_availability parameter is unsafely passed to the Python eval() function, allowing arbitrary code execution.
This issue affects pgAdmin 4: before 9.2. |
| Memory corruption can occur during context user dumps due to inadequate checks on buffer length. |
| Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) versions prior to 8.3.0.15 contain an Insufficient Granularity of Access Control vulnerability. An authenticated user from a trusted remote client could exploit this vulnerability to execute arbitrary commands with root privileges. |
| Memory corruption while processing an IOCTL call to set mixer controls. |
| A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6, Ivanti Policy Secure before version 22.7R1.4, and Ivanti ZTA Gateways before version 22.8R2.2 allows a remote unauthenticated attacker to achieve remote code execution. |
| Memory corruption while reading secure file. |
| Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling. |
| Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. |
| Memory corruption during memory mapping into protected VM address space due to incorrect API restrictions. |
| Use after free in Microsoft Edge (Chromium-based) allows an authorized attacker to execute code over a network. |
