5128 matches found
CVE-2021-47535
In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Allocate enough space for GMU registers In commit 142639a52a01 "drm/msm/a6xx: fix crashstate capture for A650" we changed a6xxgetgmuregisters to read 3 sets of registers. Unfortunately, we didn't change the memory...
CVE-2021-47535 drm/msm/a6xx: Allocate enough space for GMU registers
In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Allocate enough space for GMU registers In commit 142639a52a01 "drm/msm/a6xx: fix crashstate capture for A650" we changed a6xxgetgmuregisters to read 3 sets of registers. Unfortunately, we didn't change the memory...
CVE-2021-47535
CVE-2021-47535 concerns the Linux kernel DRM MSM A6XX driver. The issue arises in a6xx_get_gmu_registers() where three sets of GMU registers are read but the allocation for the array wasn’t updated, triggering a KASAN slab-out-of-bounds write (Write of size 8) in _a6xx_get_gmu_registers. Public n...
Use After Free
Wireshark is vulnerable to Use After Free. The vulnerability is caused due to an incorrect use of dynamic memory during program operation which can cause a Denial Of Service DOS via crafted capture file...
Denial Of Service (DOS)
Wireshark is vulnerable to Denial Of Service DOS. The vulnerability is due to MONGO and ZigBee TLV dissector infinite loops resulting in Unreachable Exit Condition via packet injection or crafted capture file...
CVE-2024-35110
A reflected XSS vulnerability has been found in YzmCMS 7.1. The vulnerability exists in yzmphp/core/class/application.class.php: when logged-in users access a malicious link, their cookies can be captured by an attacker...
CVE-2024-35110
A reflected XSS vulnerability has been found in YzmCMS 7.1. The vulnerability exists in yzmphp/core/class/application.class.php: when logged-in users access a malicious link, their cookies can be captured by an attacker...
SUSE CVE-2024-4853
Memory handling issue in editcap could cause denial of service via crafted capture file...
SUSE CVE-2024-4855
Use after free issue in editcap could cause denial of service via crafted capture file...
CVE-2024-4854
A flaw was found in the MONGO and ZigBee TLV dissectors of Wireshark. This issue occurs when decoding malformed packets from a pcap file or from the network, causing an infinite loop, resulting in a denial of service. Mitigation Mitigation for this issue is either not available or the currently...
CVE-2024-4853
A flaw was found in the editcap program distributed by Wireshark. A buffer over-read may be triggered when a crafted packet trace file is processed with the editcap program, causing an application crash and resulting in a denial of service. Mitigation Do not process untrusted packet trace files...
CVE-2024-4855
A flaw was found in the editcap program distributed by Wireshark. A use-after-free may be triggered when a crafted packet trace file is processed with the editcap program using the --inject-secrets command line option, causing an application crash and resulting in a denial of service. Mitigation ...
Wireshark 4.0.x < 4.0.15 Multiple Vulnerabilities (macOS)
The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 4.0.15. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-4.0.15 advisory. - MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0...
CVE-2024-4855
Use after free issue in editcap could cause denial of service via crafted capture file...
CVE-2024-4855
Use after free issue in editcap could cause denial of service via crafted capture file...
DEBIAN-CVE-2024-4855
Use after free issue in editcap could cause denial of service via crafted capture file...
CVE-2024-4853
Memory handling issue in editcap could cause denial of service via crafted capture file...
DEBIAN-CVE-2024-4853
Memory handling issue in editcap could cause denial of service via crafted capture file...
AZL-43498 CVE-2024-4853 affecting package wireshark 4.0.8-1
Memory handling issue in editcap could cause denial of service via crafted capture file...
AZL-44073 CVE-2024-4853 affecting package wireshark for versions less than 4.4.7-1
Memory handling issue in editcap could cause denial of service via crafted capture file...