
7654 matches found

UbuntuCve
added 2024/07/12 1:15 p.m., 20 views

CVE-2024-40992

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix responder length checking for UD request packets. According to the IBA specification: If a UD request packet is detected with an invalid length, the request shall be an invalid request and it shall be silently droppe...

5.5 CVSS, 5.8 AI score, 0.00268 EPSS
Exploits 0, References 12
CVE
added 2024/07/12 12:37 p.m., 71 views

CVE-2024-40992

CVE-2024-40992 concerns the Linux kernel RDMA/rxe stack. The root cause was an incorrect resilience check for UD QP receive data: a deferred responder length check in the function copy_data (via commit 689c5421bfe0) could trigger an oversized UD packet to fail with -EINVAL, causing send_data_in t...

5.5 CVSS, 6.7 AI score, 0.00268 EPSS
Exploits 0, References 3, Affected Software 1
Cvelist
added 2024/07/12 12:37 p.m., 26 views

CVE-2024-40992 RDMA/rxe: Fix responder length checking for UD request packets

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix responder length checking for UD request packets. According to the IBA specification: If a UD request packet is detected with an invalid length, the request shall be an invalid request and it shall be silently droppe...

0.00268 EPSS
Exploits 0, References 3
OSV
added 2024/07/12 12:37 p.m., 20 views

CVE-2024-40992 RDMA/rxe: Fix responder length checking for UD request packets

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix responder length checking for UD request packets. According to the IBA specification: If a UD request packet is detected with an invalid length, the request shall be an invalid request and it shall be silently droppe...

5.5 CVSS, 6 AI score, 0.00268 EPSS
Exploits 0, References 6
BDU FSTEC
added 2024/07/12 12:0 a.m., 5 views

The vulnerability of Huawei TC7001-10, WS7200-10, and WS7206-10 Wi-Fi routers lies in the lack of a mechanism to lock sessions. This allows attackers to gain unauthorized access to protected information or cause service failures.

The vulnerability of Huawei TC7001-10, WS7200-10, and WS7206-10 Wi-Fi routers’ microprogramming software is related to the lack of a session fixation mechanism, due to the absence of reverse address checking and TCP connection tracing. Exploiting this vulnerability can allow an unauthorized actor...

7.8 CVSS, 5.5 AI score, 0.00269 EPSS
Exploits 0, References 3
Vulnrichment
added 2024/07/11 4:14 p.m., 211 views

CVE-2024-39538 Junos OS Evolved: ACX7000 Series: When multicast traffic with a specific (S,G) is received evo-pfemand crashes

A Buffer Copy without Checking Size of Input vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved on ACX7000 Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS). When multicast traffic with a specific, valid (S,G) is received,...

7.1 CVSS, 6.8 AI score, 0.00332 EPSS
Exploits 0, References 1
Tenable Nessus
added 2024/07/11 12:0 a.m., 77 views

SUSE SLES12 Security Update : kernel (SUSE-SU-2024:2381-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2381-1 advisory. The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: -...

9.8 CVSS, 7.8 AI score, 0.01401 EPSS
Exploits 5, References 444
CNVD
added 2024/07/10 12:0 a.m., 6 views

Siemens SINEMA Remote Connect Server Exception or Improper Exception Checking Vulnerability

Siemens SINEMA Remote Connect Server is a remote network management platform from Siemens, Germany. The platform is used to remotely access, maintain, control and diagnose the underlying network. Siemens SINEMA Remote Connect Server has an anomaly or improper anomaly checking vulnerability that c...

7.1 CVSS, 7 AI score, 0.0028 EPSS
Exploits 0, References 1
NVD
added 2024/07/09 12:15 p.m., 26 views

CVE-2024-39865

A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2 SP1. The affected application allows users to upload encrypted backup files. As part of this backup, files can be restored without correctly checking the path of the restored file. This could allow an attacker...

8.8 CVSS, 0.00447 EPSS
Exploits 0, References 1
NVD
added 2024/07/08 4:15 p.m., 39 views

CVE-2024-6563

Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. This vulnerability is associated with program files...

7.5 CVSS, 0.00211 EPSS
Exploits 0, References 2
Tenable Nessus
added 2024/07/03 12:0 a.m., 17 views

CBL Mariner 2.0 Security Update: cloud-hypervisor / edk2 / hvloader / openssl / rust (CVE-2023-0286)

The version of cloud-hypervisor / edk2 / hvloader / openssl / rust installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-0286 advisory. - There is a type confusion vulnerability relating to X.400 addres...

7.4 CVSS, 8 AI score, 0.59501 EPSS
Exploits 0, References 2
Malwarebytes
added 2024/07/02 1:10 p.m., 10 views

Prudential Financial data breach impacts 2.5 million people, not 36,000 as first thought

In February 2024, Prudential Financial reported it had fallen victim to a ransomware attack. The attack was discovered one day after it started, but not before some 2.5 million people had been impacted by the resulting data breach. As one of the largest insurance companies in the US, Prudential...

7.5 AI score
Exploits 0
Vulnrichment
added 2024/07/01 2:17 p.m., 23 views

CVE-2024-23368 Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Qualcomm IPC

Memory corruption when allocating and accessing an entry in an SMEM partition...

7.8 CVSS, 7.2 AI score, 0.00103 EPSS
Exploits 0, References 1
CNNVD
added 2024/07/01 12:0 a.m., 2 views

UNISOC Chipsets Security Vulnerability

UNISOC Chipsets is a chipset from China's Purple Spreadtrum UNISOC. A security vulnerability exists in UNISOC Chipsets that stems from a lack of boundary checking, resulting in out-of-bounds writes...

6.2 CVSS, 6.8 AI score, 0.00081 EPSS
Exploits 0, References 2
CNNVD
added 2024/07/01 12:0 a.m., 4 views

UNISOC Chipsets Security Vulnerability

UNISOC Chipsets is a chipset from China's Purple Spreadtrum UNISOC. A security vulnerability exists in UNISOC Chipsets that stems from a lack of boundary checking, resulting in out-of-bounds writes...

5.1 CVSS, 6.8 AI score, 0.00093 EPSS
Exploits 0, References 2
CNNVD
added 2024/07/01 12:0 a.m., 5 views

UNISOC Chipsets Security Vulnerability

UNISOC Chipsets is a chipset from China's Purple Spreadtrum UNISOC. A security vulnerability exists in UNISOC Chipsets that stems from a lack of boundary checking, resulting in out-of-bounds writes...

6.8 CVSS, 6.8 AI score, 0.00093 EPSS
Exploits 0, References 2
CNVD
added 2024/06/28 12:0 a.m., 5 views

MOXA OnCell G3470A-LTE Buffer Overflow Vulnerability

MOXA OnCell G3470A-LTE is a series of cellular gateway/router from MOXA China. A buffer overflow vulnerability exists in MOXA OnCell G3470A-LTE v1.7.7 and earlier firmware versions, which stems from a lack of boundary checking for buffer operations, and can be exploited by an attacker to write...

8.2 CVSS, 7.3 AI score, 0.00393 EPSS
Exploits 0, References 1
NVD
added 2024/06/27 10:15 a.m., 12 views

CVE-2024-0947

Reliance on Cookies without Validation and Integrity Checking vulnerability in Talya Informatics Elektraweb allows Session Credential Falsification through Manipulation, Accessing/Intercepting/Modifying HTTP Cookies, Manipulating Opaque Client-based Data Tokens. This issue affects Elektraweb:...

9.8 CVSS, 0.00477 EPSS
Exploits 0, References 2
Vulnrichment
added 2024/06/27 9:27 a.m., 24 views

CVE-2024-0947 Cookies Manipulation in Talya Informatics' Elektraweb

Reliance on Cookies without Validation and Integrity Checking vulnerability in Talya Informatics Elektraweb allows Session Credential Falsification through Manipulation, Accessing/Intercepting/Modifying HTTP Cookies, Manipulating Opaque Client-based Data Tokens. This issue affects Elektraweb:...

9.8 CVSS, 5.8 AI score, 0.00477 EPSS
Exploits 0, References 2
Cvelist
added 2024/06/27 9:27 a.m., 19 views

CVE-2024-0947 Cookies Manipulation in Talya Informatics' Elektraweb

Reliance on Cookies without Validation and Integrity Checking vulnerability in Talya Informatics Elektraweb allows Session Credential Falsification through Manipulation, Accessing/Intercepting/Modifying HTTP Cookies, Manipulating Opaque Client-based Data Tokens. This issue affects Elektraweb:...

9.8 CVSS, 0.00477 EPSS
Exploits 0, References 2