117 matches found
Sensitive Information Disclosure
Xen is vulnerable to Sensitive Information Disclosure. Linux block table does not zero memory regions before sharing with the backend, leading to information disclosure. Additionally, the grant table only shares 4k pages, leading to unrelated data from different backends residing in the same page...
Sensitive Information Disclosure
Xen is vulnerable to Sensitive Information Disclosure. Linux block table does not zero memory regions before sharing with the backend, leading to information disclosure. Additionally, the grant table only shares 4k pages, leading to unrelated data from different backends residing in the same page...
Sensitive Information Disclosure
Xen is vulnerable to Sensitive Information Disclosure. Linux block table does not zero memory regions before sharing with the backend, leading to information disclosure. Additionally, the grant table only shares 4k pages, leading to unrelated data from different backends residing in the same page...
CVE-2022-26365
Linux disk/nic frontends data leaks This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend CVE-2022-26365,...
CVE-2022-26365
Linux disk/nic frontends data leaks This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend CVE-2022-26365,...
Apple Security Update: tvOS 15.5.1
Apple recommends to install security update tvOS 15.5.1 on devices Apple TV 4K, Apple TV 4K 2nd generation, and Apple TV HD...
Apple TV 缓冲区错误漏洞
Apple TV 4K and Apple TV HD are both products of Apple Inc.Apple TV 4K is a smart set-top box. The Apple TV 4K is a smart set-top box used to launch 4K Hdr images.Apple TV HD is a high-definition television set-top box product.... A buffer error vulnerability exists in Apple TV 4K, Apple TV 4K 2n...
Apple TV 4K和Apple TV HD 信任管理问题漏洞
Apple TV 4K and Apple TV HD are both products of Apple Inc.Apple TV 4K is a smart set-top box. The Apple TV 4K is a smart set-top box used to launch 4K Hdr images.Apple TV HD is a high-definition television set-top box product.... A trust management issue vulnerability exists in Apple TV 4K, Appl...
Apple TV 缓冲区错误漏洞
Apple TV 4K and Apple TV HD are both products of Apple Inc.Apple TV 4K is a smart set-top box. The Apple TV 4K is a smart set-top box used to launch 4K Hdr images.Apple TV HD is a high-definition television set-top box product.... A buffer error vulnerability exists in Apple TV 4K, Apple TV 4K 2n...
Apple tvOS 缓冲区错误漏洞
Apple tvOS is an operating system for Smart TVs from Apple. Apple tvOS suffers from a buffer error vulnerability that stems from a boundary error in WebKit's handling of HTML content. A remote attacker could trick a victim into visiting a specially crafted website, trigger a memory corruption, an...
Apple TV 缓冲区错误漏洞
Apple TV 4K and Apple TV HD are both products of Apple Inc.Apple TV 4K is a smart set-top box. The Apple TV 4K is a smart set-top box used to launch 4K Hdr images.Apple TV HD is a high-definition television set-top box product.... A buffer error vulnerability exists in Apple TV 4K, Apple TV 4K 2n...
Apple TV 资源管理错误漏洞
Apple TV 4K and Apple TV HD are both products of Apple Inc.Apple TV 4K is a smart set-top box. The Apple TV 4K is a smart set-top box used to launch 4K Hdr images.Apple TV HD is a high-definition television set-top box product. A resource management error vulnerability exists in Apple TV 4K, Appl...
Apple TV 竞争条件问题漏洞
Apple TV 4K and Apple TV HD are both products of Apple Inc.Apple TV 4K is a smart set-top box. The Apple TV 4K is a smart set-top box used to launch 4K Hdr images.Apple TV HD is a high-definition television set-top box product.... Apple TV 4K, Apple TV 4K 2nd Generation, and Apple TV HD are...
Apple tvOS 资源管理错误漏洞
Apple tvOS is an operating system for Smart TVs from Apple. Apple tvOS suffers from a resource management error vulnerability that originates from a post-release reuse error in WebKit when processing HTML content. A remote attacker could trick a victim into visiting a specially crafted website,...
Apple tvOS 缓冲区错误漏洞
Apple tvOS is an operating system for Smart TVs from Apple. Apple tvOS suffers from a buffer error vulnerability that stems from a boundary error in WebKit's handling of HTML content. A remote attacker could trick a victim into visiting a specially crafted website, trigger a memory corruption, an...
Apple TV 缓冲区错误漏洞
Apple TV 4K and Apple TV HD are both products of Apple Inc.Apple TV 4K is a smart set-top box. The Apple TV 4K is a smart set-top box used to launch 4K Hdr images.Apple TV HD is a high-definition television set-top box product.... A buffer error vulnerability exists in Apple TV 4K, Apple TV 4K 2n...
Creston Web Interface 1.0.0.2159 - Credential Disclosure Vulnerability
Exploit Title: Creston Web Interface 1.0.0.2159 - Credential Disclosure Exploit Author: RedTeam Pentesting GmbH Advisory: Credential Disclosure in Web Interface of Crestron Device When the administrative web interface of the Crestron HDMI switcher is accessed unauthenticated, user credentials are...
CVE-2022-23178
An issue was discovered on Crestron HD-MD4X2-4K-E 1.0.0.2159 devices. When the administrative web interface of the HDMI switcher is accessed unauthenticated, user credentials are disclosed that are valid to authenticate to the web interface. Specifically, aj.html sends a JSON document with uname...
CVE-2022-23178
An issue was discovered on Crestron HD-MD4X2-4K-E 1.0.0.2159 devices. When the administrative web interface of the HDMI switcher is accessed unauthenticated, user credentials are disclosed that are valid to authenticate to the web interface. Specifically, aj.html sends a JSON document with uname...
CVE-2022-23178
CVE-2022-23178 affects Crestron HD-MD4X2-4K-E devices (firmware v1.0.0.2159). The unauthenticated admin web interface exposes credentials by sending a JSON payload with uname and upassword via aj.html, enabling login to the web interface. Impact is high (full authentication/password disclosure wi...