Show filters
201 Total Results
Displaying 11-20 of 201
Sort by:
Attacker Value
Unknown
CVE-2022-23824
Disclosure Date: November 08, 2022 (last updated February 04, 2024)
IBPB may not prevent return branch predictions from being specified by pre-IBPB branch targets leading to a potential information disclosure.
0
Attacker Value
Unknown
CVE-2022-23825
Disclosure Date: July 12, 2022 (last updated November 08, 2023)
Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure.
0
Attacker Value
Unknown
CVE-2022-29900
Disclosure Date: July 12, 2022 (last updated October 18, 2023)
Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions.
0
Attacker Value
Unknown
CVE-2021-41182
Disclosure Date: October 26, 2021 (last updated November 28, 2024)
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altField` option is now treated as a CSS selector. A workaround is to not accept the value of the `altField` option from untrusted sources.
0
Attacker Value
Unknown
CVE-2021-41183
Disclosure Date: October 26, 2021 (last updated November 28, 2024)
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The values passed to various `*Text` options are now always treated as pure text, not HTML. A workaround is to not accept the value of the `*Text` options from untrusted sources.
0
Attacker Value
Unknown
CVE-2021-41184
Disclosure Date: October 26, 2021 (last updated November 28, 2024)
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `of` option is now treated as a CSS selector. A workaround is to not accept the value of the `of` option from untrusted sources.
0
Attacker Value
Unknown
CVE-2015-7747
Disclosure Date: February 19, 2020 (last updated February 21, 2025)
Buffer overflow in the afReadFrames function in audiofile (aka libaudiofile and Audio File Library) allows user-assisted remote attackers to cause a denial of service (program crash) or possibly execute arbitrary code via a crafted audio file, as demonstrated by sixteen-stereo-to-eight-mono.c.
0
Attacker Value
Unknown
CVE-2016-1544
Disclosure Date: February 06, 2020 (last updated February 21, 2025)
nghttp2 before 1.7.1 allows remote attackers to cause a denial of service (memory exhaustion).
0
Attacker Value
Unknown
CVE-2015-6815
Disclosure Date: January 31, 2020 (last updated February 21, 2025)
The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows attackers to cause a denial of service (infinite loop and guest crash) via unspecified vectors.
0
Attacker Value
Unknown
CVE-2015-5745
Disclosure Date: January 23, 2020 (last updated February 21, 2025)
Buffer overflow in the send_control_msg function in hw/char/virtio-serial-bus.c in QEMU before 2.4.0 allows guest users to cause a denial of service (QEMU process crash) via a crafted virtio control message.
0