CVE-2020-28349

An inaccurate frame deduplication process in ChirpStack Network Server 3.9.0 allows a malicious gateway to perform uplink Denial of Service via malformed frequency attributes in CollectAndCallOnceCollect in internal/uplink/collect.go. NOTE: the vendor's position is that there are no "guarantees...

ARM Mali GPU Kernel Driver < r24p0 / < r30p0 Use After Free (CVE-2022-28349)

The version of the Mali GPU Kernel Driver installed on the remote system is prior to r24p0 running on Bifrost or Valhall architecture or prior to r30p0 running on Midgard architecture. It is, therefore affected by a use-after-free error. A non-privileged user can obtain access to already freed...

CVE-2023-28349

CVE-2023-28349 affects Faronics Insight on Windows (v10.0.19045). A crafted program that mimics the Teacher Console can cause Student Consoles to connect and, with NT AUTHORITY/SYSTEM permissions, write arbitrary files to arbitrary locations, enabling remote code execution. The vulnerability aris...

CVE-2022-28349

The CVE-2022-28349 entry concerns Arm Mali GPU Kernel Driver use-after-free in core shader architectures: Midgard (r28p0–r29p0 before r30p0), Bifrost (r17p0–r23p0 before r24p0), and Valhall (r19p0–r23p0 before r24p0). Exploit impact in published sources notes that a non-privileged user may obtain...

CVE-2021-28349

Windows GDI+ Remote Code Execution Vulnerability...

CVE-2021-28349

Technical details (affected products/versions, root cause, exploit specifics, remediation) for CVE-2021-28349 are not provided in the connected documents. Monitor official advisories and vulnerability feeds for updates.

KLA12142 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, cause denial of service, gain privileges, bypass security restrictions, spoof user interface. Below is a...

KB5001342: Windows 10 version 1809 / Windows Server 2019 Security Update (Apr 2021)

The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - Win32k Elevation of Privilege Vulnerability CVE-2021-27072, CVE-2021-28310 - Windows Media Photo Codec Information Disclosure Vulnerability CVE-2021-27079 - Windows Event Tracing Elevati...

KB5001389: Windows Server 2008 Security Update (Apr 2021)

The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - Microsoft Internet Messaging API Remote Code Execution Vulnerability CVE-2021-27089 - Windows Kernel Information Disclosure Vulnerability CVE-2021-27093, CVE-2021-28309 - Windows Media...

KB5001347: Windows 10 version 1607 / Windows Server 2016 Security Update (Apr 2021)

The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - Win32k Elevation of Privilege Vulnerability CVE-2021-27072 - Windows Media Photo Codec Information Disclosure Vulnerability CVE-2021-27079 - Microsoft Internet Messaging API Remote Code...

CVE-2020-28349

An inaccurate frame deduplication process in ChirpStack Network Server 3.9.0 allows a malicious gateway to perform uplink Denial of Service via malformed frequency attributes in CollectAndCallOnceCollect in internal/uplink/collect.go. NOTE: the vendor's position is that there are no "guarantees...

CVE-2020-28349

CVE-2020-28349 affects ChirpStack Network Server 3.9.0. The issue is an inaccurate frame deduplication in internal/uplink/collect.go, allowing a malicious gateway to cause uplink DoS via malformed frequency attributes in CollectAndCallOnceCollect. Public sources (Red Hat, Veracode, CNVD, PT-Secur...