UBUNTU-CVE-2025-38132

In the Linux kernel, the following vulnerability has been resolved: coresight: holding cscfgcsdevlock while removing cscfg from csdev There'll be possible race scenario for coresight config: CPU0 CPU1 perf enable load module cscfgloadconfigsets activate config. // sysfs sysactivecnt == 1...

CVE-2024-40893

Multiple authenticated operating system OS command injection vulnerabilities exist in Firewalla Box Software versions before 1.979. A physically close attacker that is authenticated to the Bluetooth Low-Energy BTLE interface can use the network configuration service to inject commands in various...

CVE-2023-42797

A vulnerability has been identified in CP-8031 MASTER MODULE All versions CPCI85 V05.20, CP-8050 MASTER MODULE All versions CPCI85 V05.20. The network configuration service of affected devices contains a flaw in the conversion of ipv4 addresses that could lead to an uninitialized variable being...

CVE-2023-0432

The web configuration service of the affected device contains an authenticated command injection vulnerability. It can be used to execute system commands on the operating system OS from the device in the context of the user "root." If the attacker has credentials for the web service, then the...

CVE-2025-21349

Windows Remote Desktop Configuration Service Tampering Vulnerability...

CVE-2025-21349

Windows Remote Desktop Configuration Service Tampering Vulnerability...

CVE-2025-21349

Windows Remote Desktop Configuration Service Tampering Vulnerability...

CVE-2025-21349 Windows Remote Desktop Configuration Service Tampering Vulnerability

...

CVE-2025-21349

CVE-2025-21349 is described by the connected NCSC advisory as a Windows vulnerability in Remote Desktop Services: a tampering flaw in the Windows Remote Desktop Configuration Service. The entry lists a CVSS v3.1 base score of 6.8 (Medium), with network access required (AV:N, UI:R, S:U) and high c...

Windows Remote Desktop Configuration Service Tampering Vulnerability

...

PT-2025-6307 · Microsoft · Windows +1

Name of the Vulnerable Software and Affected Versions: Windows versions prior to the fixed version Description: A tampering issue affects the Windows Remote Desktop Configuration Service, allowing attackers to impact the system. Recommendations: For versions prior to the fixed version, update to...

CVE-2022-38393

A denial of service vulnerability exists in the cfgserver cmprocessConnDiagPktList opcode of Asus RT-AX82U 3.0.0.4.38649674-ge182230 router's configuration service. A specially-crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this...

Firewalla 安全漏洞

Firewalla is a driver from Firewalla Inc. A security vulnerability exists in Firewalla versions prior to 1.979 that stems from the presence of multiple authenticated operating system command injection vulnerabilities. An attacker authenticated with the Bluetooth Low Power Interface can use the...

CVE-2023-42797

Summary: CVE-2023-42797 affects Siemens SICAM A8000 CP-8031 and CP-8050 Master Modules (versions prior to CPCI85 V05.20). The network configuration service mishandles IPv4 address conversion, causing an uninitialized variable to be used in subsequent validation. An authenticated remote attacker c...

CVE-2023-42797

A vulnerability has been identified in CP-8031 MASTER MODULE All versions CPCI85 V05.20, CP-8050 MASTER MODULE All versions CPCI85 V05.20. The network configuration service of affected devices contains a flaw in the conversion of ipv4 addresses that could lead to an uninitialized variable being...

PT-2024-1085 · Unknown · Cp-8050 Master Module +1

Name of the Vulnerable Software and Affected Versions: CP-8031 MASTER MODULE versions prior to CPCI85 V05.20 CP-8050 MASTER MODULE versions prior to CPCI85 V05.20 Description: A flaw has been identified in the network configuration service of affected devices, related to the conversion of ipv4...

December 12, 2023—KB5033369 (OS Build 22000.2652)

December 12, 2023—KB5033369 OS Build 22000.2652 9/26/23 IMPORTANT As of September 26, 2023, there are no more optional, non-security preview releases for Windows 11, version 21H2. Only cumulative monthly security updates will continue for the supported versions of Windows 11, version 21H2...

August 8, 2023—KB5029263 (OS Build 22621.2134)

August 8, 2023—KB5029263 OS Build 22621.2134 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 11, version 22H2, see its update history page. Note Follow @WindowsUpdate to find out...

Nacos Jraft Hessian Deserialization Vulnerability

Nacos is an acronym for Dynamic Naming and Configuration Service, a dynamic service discovery, configuration management and service management platform that makes it easier to build cloud-native applications. A deserialization vulnerability exists in Nacos Jraft Hessian, which can be exploited by...

CVE-2023-0432

The web configuration service of the affected device contains an authenticated command injection vulnerability. It can be used to execute system commands on the operating system OS from the device in the context of the user "root." If the attacker has credentials for the web service, then the...