45 matches found
CVE-2019-19055
A flaw was found in the Linux kernel. The Wireless configuration API functionality mishandles resource cleanup in nl80211getftmresponderstats function. An attacker able to trigger the resource cleanup code path could use this flaw to crash the system. The highest threat from this vulnerability is...
CVE-2018-19854
An issue was discovered in the Linux kernel before 4.19.3. cryptoreportone and related functions in crypto/cryptouser.c the crypto user configuration API do not fully initialize structures that are copied to userspace, potentially leaking sensitive memory to user programs. NOTE: this is a...
Solr: Code execution via entity expansion
It was found that Apache Lucene would accept an object from an unauthenticated user that could be manipulated through subsequent post requests. An attacker could use this flaw to assemble an object that could permit execution of arbitrary code if the server enabled Apache Solr's Config API...
Solr: Code execution via entity expansion
It was found that Apache Lucene would accept an object from an unauthenticated user that could be manipulated through subsequent post requests. An attacker could use this flaw to assemble an object that could permit execution of arbitrary code if the server enabled Apache Solr's Config API...
AST-2008-012: Remote crash vulnerability in IAX2
Asterisk Project Security Advisory - AST-2008-012 +------------------------------------------------------------------------+ | Product | Asterisk | |----------------------+-------------------------------------------------| | Summary | Remote crash vulnerability in IAX2 |...