158 matches found
CVE-2018-5903
Out of bounds read occurs due to improper validation of array while processing VDEV stop response from WLAN firmware in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU...
CVE-2018-5911
Buffer overflow in WLAN function due to improper check of buffer size before copying in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCS605, SD 625, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 73...
CVE-2019-2259
Resource allocation error while playing the video whose dimensions are more than supported dimension in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W,...
CVE-2018-11947
CVE-2018-11947 concerns a double-free in the txrx stats request during pdev detach as the host driver unloads on Snapdragon platforms (multiple Snapdragon Mobile/IoT/industrial devices and various Qualcomm/QCS/QCA/SDM families). The description notes a potential use-after-free style issue in the ...
CVE-2018-11929
CVE-2018-11929 describes a heap/overflow risk from lack of input validation in WLAN handling within Qualcomm-derived SDP/APIs. Public documents (NVD, Red Hat, CNVD, CVE listings) tie the issue to Qualcomm Snapdragon families (e.g., Auto, Consumer IOT, Industrial IOT, Mobile, Voice & Music) across...
CVE-2018-11929
Lack of input validation in WLAN function can lead to potential heap overflow in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCS405, QCS605, SD 425, SD 427, SD 430, SD...
CVE-2018-11947
The txrx stats req might be double freed in the pdev detach when the host driver is unloading in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and...
CVE-2018-13898
Out-of-Bounds write due to incorrect array index check in PMIC in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM9650, MDM9655,...
Amazon Linux: Security Advisory (ALAS-2016-730)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
lefigaro.fr XSS vulnerability
Vulnerable URL: http://www.lefigaro.fr/commentaires/alerter.php?id=%22%3E%3Cimg%20src=x%20onerror=prompt/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 730 VIP...
Prolink PRN2001 - Multiple Vulnerabilities
Prolink PRN2001 - Multiple Vulnerabilities Exploit Title: Prolink PRN2001 Multiple Vulnerabilities 1. -Advisory Information- Title: Prolink PRN2001 Multiple Vulnerabilities Firmware: Ver 1.2 Firmware URL: http://www.prolink2u.com/download/fw/fwPRN2001V1.220130323.zip Vendor Homepage:...
SAP NetWeaver logon.html — XSS
Application: SAP NetWeaver Versions Affected: SAP NetWeaver SAPBASIS 620-730 Vendor URL: Bugs: XSS Exploits: YES Reported: 05.02.2010 Vendor response: 06.02.2010 Date of Public Advisory: 09.03.2011 CVE-number: Author: Alexey Sintsov Description SAP NetWeaver BSP logon page has linked XSS...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in multiple Century Systems routers including XR-410 before 1.6.9, XR-510 before 3.5.3, XR-440 before 1.7.8, and other XR series routers from XR-510 to XR-730 allows remote attackers to modify configuration as the administrator via unknown vectors...
Fedora Update for flac FEDORA-2007-730
Check for the Version of flac OpenVAS Vulnerability Test Fedora Update for flac FEDORA-2007-730 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...
Debian Security Advisory DSA 730-1 (bzip2)
The remote host is missing an update to bzip2 announced via advisory DSA 730-1. OpenVAS Vulnerability Test $Id: deb7301.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 730-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian: Security Advisory (DSA-730-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-730-1 : bzip2 - race condition
Imran Ghory discovered a race condition in bzip2, a high-quality block-sorting file compressor and decompressor. When decompressing a file in a directory an attacker has access to, bunzip2 could be tricked to set the file permissions to a different file the user has permissions to. %NASLMINLEVEL...
[SECURITY] [DSA 730-1] New bzip2 packages fix file unauthorised permissions modification
-------------------------------------------------------------------------- Debian Security Advisory DSA 730-1 [email protected] http://www.debian.org/security/ Martin Schulze May 27th, 2005 http://www.debian.org/security/faq -...