5112 matches found
CVE-2022-28329
A vulnerability has been identified in SCALANCE W1788-1 M12 All versions V3.0.0, SCALANCE W1788-2 EEC M12 All versions V3.0.0, SCALANCE W1788-2 M12 All versions V3.0.0, SCALANCE W1788-2IA M12 All versions V3.0.0. Affected devices do not properly handle malformed TCP packets received over the...
CVE-2021-45104
An issue was discovered in HTCondor 9.0.x before 9.0.10 and 9.1.x before 9.5.1. An attacker who can capture HTCondor network data can interfere with users' jobs and data...
The vulnerability of the pcapngoptionwalk function in the hcxpcapngtool.c component of the WiFi dump file conversion software, which converts cap/pcap/pcapng files into hashcat and John the Ripper Hcxtools formats. This vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause service interruptions.
The vulnerability of the pcapngoptionwalk function in the hcxpcapngtool.c component of the WiFi dump file conversion software, which converts WiFi cap/pcap/pcapng files into hashcat and John the Ripper format, is related to buffer overflow attacks. Exploiting this vulnerability allows an attacker...
Deep Panda deploys new rootkit “Fire Chili” by exploiting Log4shell in VMware horizon
THREAT LEVEL: Red For a detailed advisory, download the pdf file here Deep Panda, a Chinese APT group, took advantage of the well-known Log4Shell vulnerability in VMware Horizon servers to deploy a backdoor, rootkit, and steal sensitive data. This threat actor is primarily targeting firms in the...
CVE-2021-42324
An issue was discovered on DCN Digital China Networks S4600-10P-SI devices before R0241.0470. Due to improper parameter validation in the console interface, it is possible for a low-privileged authenticated attacker to escape the sandbox environment and execute system commands as root via shell...
CVE-2021-42324
An issue was discovered on DCN Digital China Networks S4600-10P-SI devices before R0241.0470. Due to improper parameter validation in the console interface, it is possible for a low-privileged authenticated attacker to escape the sandbox environment and execute system commands as root via shell...
Design/Logic Flaw
An issue was discovered on DCN Digital China Networks S4600-10P-SI devices before R0241.0470. Due to improper parameter validation in the console interface, it is possible for a low-privileged authenticated attacker to escape the sandbox environment and execute system commands as root via shell...
CVE-2022-0459
Use after free in Screen Capture in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who had compromised the renderer process and convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page...
CVE-2022-0459
Use after free in Screen Capture in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who had compromised the renderer process and convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page...
CVE-2022-0459
Use after free in Screen Capture in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who had compromised the renderer process and convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page...
DEBIAN-CVE-2022-0459
Use after free in Screen Capture in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who had compromised the renderer process and convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page...
Design/Logic Flaw
Use after free in Screen Capture in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who had compromised the renderer process and convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page...
CVE-2022-0459
Use after free in Screen Capture in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who had compromised the renderer process and convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page...
UBUNTU-CVE-2022-0459
Use after free in Screen Capture in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who had compromised the renderer process and convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page...
CVE-2021-42324
An issue was discovered on DCN Digital China Networks S4600-10P-SI devices before R0241.0470. Due to improper parameter validation in the console interface, it is possible for a low-privileged authenticated attacker to escape the sandbox environment and execute system commands as root via shell...
CVE-2022-0459
Use after free in Screen Capture in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who had compromised the renderer process and convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page...
CVE-2022-0459
Use after free in Screen Capture in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who had compromised the renderer process and convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page...
CVE-2022-0459
CVE-2022-0459 concerns a use-after-free vulnerability in Chrome’s Screen Capture code, leading to potential heap corruption. The issue affects Chrome/Chromium prior to version 98.0.4758.80, with exploitation described as requiring a crafted HTML page and user interaction to trigger the vulnerabil...
CVE-2022-0459
Use after free in Screen Capture in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who had compromised the renderer process and convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page...
Digital China Networks S4600-10P-SI 操作系统命令注入漏洞
The Digital China Networks S4600-10P-SI is a switch from Digital China Networks Beijing Co. A security vulnerability exists in DCN Digital China Networks S4600-10P-SI versions prior to R0241.0470, which stems from incorrect validation of parameters in the console interface. An authenticated,...