The vulnerability of the libsavsvc.so library in Android operating systems allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the libsavsvc.so library in Android operating systems is related to writing beyond the buffer boundaries when processing MPEG4 files. Exploiting this vulnerability can allow attackers to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of the netdev_lock() function in the iavf component of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the netdevlock function in the iavf component of the Linux operating system is related to mutual locking of execution threads. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of the SetDefaultConnectionService() function in microprogrammed routing software such as Linksys WRT1900ACS, EA7200, EA7450, and EA7500 allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the SetDefaultConnectionService function in microprogrammed routing software such as Linksys WRT1900ACS, EA7200, EA7450, and EA7500 is related to the operation of writing data outside of the buffer in memory when processing the NewDefaultConnectionService parameter...

The vulnerability of the dbAllocBits() function in the fs/jfs/jfs_dmap.c module of the Linux file system support for JFS kernels allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the dbAllocBits function in the fs/jfs/jfsdmap.c module of the Linux file system support module JFS is related to unvalidated array indexing. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected...

The vulnerability of the sub_3C8EC function in the microprogramming software of the dual-band Wi-Fi amplifier Netgear EX6200 allows a intruder to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the sub3C8EC function in the microprogramming software of the dual-band Wi-Fi amplifier Netgear EX6200 is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to influence the confidentiality,...

The vulnerability of the `alloc_flex_gd()` function in the `fs/ext4/resize.c` module of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the allocflexgd function in the fs/ext4/resize.c module of the Linux operating system is related to a single-byte offset error. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of the miEnumattr() function in the fs/ntfs3/record.c file of the Linux kernel’s file system ntfs3 allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the miEnumattr function in the fs/ntfs3/record.c file of the Linux kernel’s file system ntfs3 is related to an increase in privileges. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected...

The vulnerability of the Google Chrome browser’s Media component allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Google Chrome browser’s Media component is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

Secret Sharing in 5G-MEC: Applicability for Joint Security and Dependability

Multi-access Edge Computing MEC, an enhancement of 5G, processes data closer to its generation point, reducing latency and network load. However, the distributed and edge-based nature of 5G-MEC presents privacy and security challenges, including data exposure risks. Ensuring efficient manipulatio...

The vulnerability of the ntfs_file_release() function in the fs/ntfs3/file.c file of the Linux kernel’s file system ntfs3 allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the ntfsfilerelease function in the fs/ntfs3/file.c file of the Linux kernel’s file system ntfs3 is related to the elevation of privileges. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected...

The vulnerability of the setWizardCfg() function (/cgi-bin/cstecgi.cgi) in the TOTOLINK T10 router software allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the setWizardCfg function /cgi-bin/cstecgi.cgi of the TOTOLINK T10 router software is related to the issue of data being written outside the buffer in memory when processing the parameter ssid5g. Exploiting this vulnerability allows a malicious actor to compromise the...

The vulnerability of the built-in web server boa (/boafrm/formWlanRedirect) of the TOTOLINK X15 router’s microprogramming software allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the built-in web server boa /boafrm/formWlanRedirect of the TOTOLINK X15 router’s microprogramming software is related to the copying of buffers without checking the size of input data during the processing of the redirect-url parameter. Exploiting this vulnerability allows a...

Vulnerability of the _scsih_expander_node_remove() function in the drivers/scsi/mpt3sas/mpt3sas_scsih.c module – This driver is a Linux system kernel driver for supporting SCSI devices. It allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

Vulnerability of the scsihexpandernoderemove function in the drivers/scsi/mpt3sas/mpt3sasscsih.c module – The drivers for SCSI devices in Linux operating systems are related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the...

The vulnerability of the LZ4_decompress_generic() function in the lib/lz4/lz4_decompress.c file, which is part of the lz4 compression module for Linux kernel, allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the LZ4decompressgeneric function in the lib/lz4/lz4decompress.c module relates to the reutilization of previously freed memory in Linux kernel-based compression algorithms. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, an...

ROS-20250526-07

Google Chrome browser vulnerability involves post-release memory usage. Exploitation of the vulnerability could allow an attacker acting remotely to impact privacy, integrity and availability of data through the use of a specially crafted HTML page...

CVE-2023-28373

A flaw exists in FlashArray Purity whereby an array administrator by configuring an external key manager can affect the availability of data on the system including snapshots protected by SafeMode...

CVE-2023-37296

AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a stack memory corruption via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability...

CVE-2022-46316

A thread security vulnerability exists in the authentication process. Successful exploitation of this vulnerability may affect data integrity, confidentiality, and availability...

The vulnerability of the HTTP POST Request Handler component in the microprogramming software for TOTOLINK A3002R and A3002RU allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the HTTP POST Request Handler component in the microprogramming software for TOTOLINK A3002R and A3002RU devices is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to compromise the...

The vulnerability of the HTTP POST Request Handler component of the /boafrm/formSetLg file in the microprogramming software for routers A702R, A3002R, and A3002RU allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the HTTP POST Request Handler component of the /boafrm/formSetLg file in the microprogramming software for routers A702R, A3002R, and A3002RU is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacke...