| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Incomplete filtering of JavaScript code in different configuration fields of the web based interface of the VIDEOJET multi 4000 allows an attacker with administrative credentials to store JavaScript code which will be executed for all administrators accessing the same configuration option. |
| Memory corruption during array access in Camera kernel due to invalid index from invalid command data. |
| Memory corruption Camera kernel when large number of devices are attached through userspace. |
| Memory corruption while prociesing command buffer buffer in OPE module. |
| Memory corruption while invoking IOCTL calls from userspace to camera kernel driver to dump request information. |
| in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios. |
| in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference. |
| in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference. |
| Improper privilege management vulnerability in summary report management in Synology Presto File Server before 2.1.2-1601 allows remote authenticated users to bypass security constraint via unspecified vectors. |
| Memory corruption while processing an IOCTL call to set mixer controls. |
| Memory corruption can occur during context user dumps due to inadequate checks on buffer length. |
| Memory corruption while handling multiple IOCTL calls from userspace to operate DMA operations. |
| Memory corruption while sound model registration for voice activation with audio kernel driver. |
| Memory corruption may occur when invoking IOCTL calls from userspace to the camera kernel driver to dump request information, due to a missing memory requirement check. |
| A Improper Link Resolution Before File Access ('Link Following') vulnerability in a script called by the sendmail systemd service of openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: SUSE openSUSE Factory sendmail versions prior to 8.17.1-1.1. |
| Memory corruption while acquire and update IOCTLs during IFE output resource ID validation. |
| Memory corruption while reading secure file. |
| Memory corruption during the FRS UDS generation process. |
| Memory corruption while decoding of OTA messages from T3448 IE. |
| Transient DOS while processing of a registration acceptance OTA due to incorrect ciphering key data IE. |
