7654 matches found
CVE-2024-24972
The CVE-2024-24972 issue affects Gallagher Controller 6000 and Controller 7000 via a Buffer Copy without Checking Size of Input in the diagnostic web interface, enabling an authorized and authenticated operator to reboot the controller and cause a Denial of Service. Affected firmware histories in...
CVE-2024-6572
Improper host key checking in active check 'Check SFTP Service' and special agent 'VNX quotas and filesystem' in Checkmk before Checkmk 2.3.0p15, 2.2.0p33, 2.1.0p48 and 2.0.0 EOL allows man-in-the-middle attackers to intercept traffic...
CVE-2024-6572
Improper host key checking in active check 'Check SFTP Service' and special agent 'VNX quotas and filesystem' in Checkmk before Checkmk 2.3.0p15, 2.2.0p33, 2.1.0p48 and 2.0.0 EOL allows man-in-the-middle attackers to intercept traffic...
UBUNTU-CVE-2024-6572
Improper host key checking in active check 'Check SFTP Service' and special agent 'VNX quotas and filesystem' in Checkmk before Checkmk 2.3.0p15, 2.2.0p33, 2.1.0p48 and 2.0.0 EOL allows man-in-the-middle attackers to intercept traffic...
CVE-2024-6572 Improper host key checking in active check 'Check SFTP Service' and special agent 'VNX quotas and filesystem'
Improper host key checking in active check 'Check SFTP Service' and special agent 'VNX quotas and filesystem' in Checkmk before Checkmk 2.3.0p15, 2.2.0p33, 2.1.0p48 and 2.0.0 EOL allows man-in-the-middle attackers to intercept traffic...
PT-2024-37728 · Checkmk · Checkmk
Name of the Vulnerable Software and Affected Versions: Checkmk versions prior to 2.3.0p15 Checkmk versions prior to 2.2.0p33 Checkmk versions prior to 2.1.0p48 Checkmk version 2.0.0 Description: The issue concerns improper host key checking in the active check 'Check SFTP Service' and the special...
git: Fix of CVE-2024-32004
CVE-2024-32004: integrating ownership checking to detect dubious local repositories during cloning...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.5.6.6)
The version of AOS installed on the remote host is prior to 6.5.6.6. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.5.6.6 advisory. - ASN.1 strings are represented internally within OpenSSL as an ASN1STRING structure which contains a buffer holding the stri...
CVE-2024-44960
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: core: Check for unset descriptor Make sure the descriptor has been set before looking at maxpacket. This fixes a null pointer panic in this case. This may happen if the gadget doesn't properly set up the endpoint for...
CVE-2024-44955
...
AZL-48801 CVE-2024-45618 affecting package opensc 0.23.0-5
A vulnerability was found in pkcs15-init in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. Insufficient or missing checking of return values of functions leads to unexpected work with variables that have...
CVE-2024-45618 Libopensc: uninitialized values after incorrect or missing checking return values of functions in pkcs15init
A vulnerability was found in pkcs15-init in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. Insufficient or missing checking of return values of functions leads to unexpected work with variables that have...
CVE-2024-45617 Libopensc: uninitialized values after incorrect or missing checking return values of functions in libopensc
A vulnerability was found in OpenSC, OpenSC tools, PKCS11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. Insufficient or missing checking of return values of functions leads to...
CVE-2024-33052 Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in FM Host
Memory corruption when user provides data for FM HCI command control operations...
MediaTek 芯片 安全漏洞
MediaTek chips are a variety of chips from MediaTek, a Chinese company called MediaTek. A security vulnerability exists in the MediaTek chips that stems from a lack of boundary checking in the vdec component, which could result in an out-of-bounds write...
Google Chrome heap buffer overflow vulnerability (CNVD-2024-38577)
Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a heap buffer overflow vulnerability, which is caused by incorrect boundary checking in Skia. An attacker can exploit this vulnerability to cause an overflow buffer to execute arbitrary code on the system ...
Google Chrome heap buffer overflow vulnerability (CNVD-2024-38578)
Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a heap buffer overflow vulnerability that is caused by incorrect boundary checking in Skia. An attacker can exploit this vulnerability to cause an overflow buffer to execute arbitrary code on the system or...
No title provided
REJECTED CVE In the Linux kernel, the following vulnerability has been resolved: x86/xen: Add some null pointer checking to smp.c The Linux kernel CVE team has assigned CVE-2024-26908 to this issue...
CVE-2024-43891
In the Linux kernel, the following vulnerability has been resolved: tracing: Have format file honor EVENTFILEFLFREED When eventfs was introduced, special care had to be done to coordinate the freeing of the file meta data with the files that are exposed to user space. The file meta data would hav...
CVE-2024-43891
In the Linux kernel, the following vulnerability has been resolved: tracing: Have format file honor EVENTFILEFLFREED When eventfs was introduced, special care had to be done to coordinate the freeing of the file meta data with the files that are exposed to user space. The file meta data would hav...