CVE-2024-45571

Memory corruption may occour occur when stopping the WLAN interface after processing a WMI command from the interface...

PT-2025-2713 · Qualcomm · Snapdragon +138

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: Memory corruption may occur when stopping the WLAN interface after processing a WMI command from the interface. This issue is related to the processing ...

PT-2025-2409 · Qualcomm · Snapdragon +13

Name of the Vulnerable Software and Affected Versions: No specific software or affected versions are mentioned in the provided descriptions. Description: A memory corruption issue occurs while processing frame command IOCTL calls, which can cause memory corruption. No information is provided abou...

CVE-2024-45063 Multiple issues in ctl(4) CAM Target Layer

The function ctlwritebuffer incorrectly set a flag which resulted in a kernel Use-After-Free when a command finished processing. Malicious software running in a guest VM that exposes virtioscsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process,...

CVE-2024-39520 Junos OS Evolved: CLI parameter processing issue allows privilege escalation

An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved commands allows a local, authenticated attacker with low privileges to escalate their privileges to 'root' leading to a full compromise of the system. The Junos OS Evolved CLI doesn't properly handle...

Juniper Junos OS Vulnerability (JSA79109)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA79109 advisory. - A Use After Free vulnerability in command processing of Juniper Networks Junos OS on MX Series allows a local, authenticated attacker to cause the broadband edge service...

CVE-2024-30378 Junos OS: MX Series: bbe-smgd process crash upon execution of specific CLI commands

A Use After Free vulnerability in command processing of Juniper Networks Junos OS on MX Series allows a local, authenticated attacker to cause the broadband edge service manager daemon bbe-smgd to crash upon execution of specific CLI commands, creating a Denial of Service DoS condition. The...

PT-2024-23575 · Ros2 · Ros2

Name of the Vulnerable Software and Affected Versions: ROS2 Galactic Geochelone versions 2 Description: A remote code execution issue exists due to an OS command injection vulnerability in the command processing or system call components of ROS2, including External Command Execution Modules, Syst...

CVE-2023-52500 scsi: pm80xx: Avoid leaking tags when processing OPC_INB_SET_CONTROLLER_CONFIG command

In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Avoid leaking tags when processing OPCINBSETCONTROLLERCONFIG command Tags allocated for OPCINBSETCONTROLLERCONFIG command need to be freed when we receive the response...

Stack-based Buffer Overflow

libzephyr.so is vulnerable to a Buffer Overflow. The vulnerability is due to an unchecked length coming from user input in settings shell, specifically during the handling of SETTINGSVALUESTRING type values, which can result in copying data of a length greater than the buffer size allocated for...

PT-2023-21795 · Wlan Hal · Wlan Hal

Name of the Vulnerable Software and Affected Versions: WLAN HAL affected versions not specified Description: The issue is related to memory corruption in the WLAN HAL when processing Tx/Rx commands from QDART. This can potentially lead to unspecified consequences. There is no information provided...

USN-5810-4 git vulnerabilities

USN-5810-1 fixed several vulnerabilities in Git. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Markus Vervier and Eric Sesterhenn discovered that Git incorrectly handled certain gitattributes. An attacker could possibly use this issue to cause a...

Imperative 命令注入漏洞

Imperative is an open source command processing system from Zowe. Imperative has a security vulnerability that stems from the presence of a command execution vulnerability...

USN-5810-1 git vulnerabilities

Markus Vervier and Eric Sesterhenn discovered that Git incorrectly handled certain gitattributes. An attacker could possibly use this issue to cause a crash or execute arbitrary code. CVE-2022-23521 Joern Schneeweisz discovered that Git incorrectly handled certain commands. An attacker could...

CVE-2022-33255 Buffer over-read in Bluetooth HOST

Information disclosure due to buffer over-read in Bluetooth HOST while processing GetFolderItems and GetItemAttribute Cmds from peer device...

CVE-2022-46144

A vulnerability has been identified in SCALANCE SC622-2C 6GK5622-2GS00-2AC2 All versions = V2.3 = V2.3 = V2.3 = V2.3 = V2.3 = V2.3 V3.0, SCALANCE WAM763-1 6GK5763-1AL00-7DA0 All versions V2.0.0, SCALANCE WAM766-1 6GK5766-1GE00-7DA0 All versions V2.0.0, SCALANCE WAM766-1 US 6GK5766-1GE00-7DB0 All...

CVE-2022-25654

Memory corruption in kernel due to improper input validation while processing ION commands in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables...

PT-2022-4881 · Qualcomm · Qualcomm Snapdragon Mobile +7

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon Auto versions affected versions not specified Qualcomm Snapdragon Compute versions affected versions not specified Qualcomm Snapdragon Connectivity versions affected versions not specified Qualcomm Snapdragon Consumer IOT...

PT-2021-19258 · Juniper Networks · Junos Evolved

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS Evolved versions prior to 20.4R2-S2-EVO Juniper Networks Junos OS Evolved version 21.1 versions prior to 21.1R2-EVO Juniper Networks Junos OS Evolved version 21.2 versions prior to 21.2R1-S1-EVO, 21.2R2-EVO...

Schneider Electric IGSS Missing Authentication Arbitrary File Deletion Vulnerability

This vulnerability allows remote attackers to delete arbitrary files on affected installations of Schneider Electric IGSS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of commands sent to the server. The issue results from the lack o...