| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| A Server-Side Request Forgery (SSRF) in JGM Pandoc v3.6.4 allows attackers to gain access to and compromise the whole infrastructure via injecting a crafted iframe. |
| NVIDIA CUDA Toolkit for all platforms contains a vulnerability in cuobjdump where an attacker may cause a stack-based buffer overflow by getting the user to run cuobjdump on a malicious ELF file. A successful exploit of this vulnerability may lead to arbitrary code execution at the privilege level of the user running
cuobjdump. |
| NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm where an attacker may cause a heap-based buffer overflow by getting the user to run nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to arbitrary code execution at the privilege level of the user running nvdisasm. |
| Type confusion in V8 in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| Memory corruption while processing config_dev IOCTL when camera kernel driver drops its reference to CPU buffers. |
| Memory corruption when passing parameters to the Trusted Virtual Machine during the handshake. |
| Memory corruption while handling invalid inputs in application info setup. |
| Memory corruption while encoding the image data. |
| Memory corruption due to global buffer overflow when a test command uses an invalid payload type. |
| Memory corruption due to double free when multiple threads race to set the timestamp store. |
| Memory corruption while handling repeated memory unmap requests from guest VM. |
| Memory corruption while processing data sent by FE driver. |
| Memory corruption while processing message in guest VM. |
| memory corruption while loading a PIL authenticated VM, when authenticated VM image is loaded without maintaining cache coherency. |
| Cryptographic issue while performing RSA PKCS padding decoding. |
| Memory corruption while performing private key encryption in trusted application. |
| Memory corruption while selecting the PLMN from SOR failed list. |
| Memory corruption when the UE receives an RTP packet from the network, during the reassembly of NALUs. |
| A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition. |
| A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF image file.
By providing an abnormally large image height value in the file's metadata, an attacker can trick the library into writing attacker-controlled color data to an arbitrary memory location. This memory corruption can be exploited to cause a denial of service (application crash) or to achieve arbitrary code execution with the permissions of the user. |
