6680 matches found
Microsoft Windows Virtualization-Based Security Enclave 访问控制错误漏洞
Microsoft Windows Virtualization-Based Security Enclave Microsoft Windows VBS Enclave is a software-based trusted execution environment within the host application address space from Microsoft Corporation USA. An access control error vulnerability exists in Microsoft Windows Virtualization-Based...
Wavlink AC3000 wctrls static login vulnerability
Talos Vulnerability Report TALOS-2024-2034 Wavlink AC3000 wctrls static login vulnerability January 14, 2025 CVE Number CVE-2024-39754 SUMMARY A static login vulnerability exists in the wctrls functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted set of network packets can lead ...
PT-2025-1182 · Sap · Sap Netweaver Application Server Abap
Name of the Vulnerable Software and Affected Versions: SAP NetWeaver Application Server ABAP affected versions not specified Description: The issue is related to an obsolete functionality in SAP NetWeaver Application Server ABAP that did not perform necessary authorization checks. This allows an...
PT-2025-2548 · Wavlink · Wavlink Ac3000
Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 version M33A8.V5030.210505 Description: A command execution issue exists in the update filter url.sh functionality. This allows an attacker to execute arbitrary commands using a specially crafted HTTP request. An attacker can...
Microsoft Excel 代码问题漏洞
Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code issue vulnerability exists in Microsoft Excel. An attacker could exploit the vulnerability to bypass certain functionality...
CVE-2024-47809
In the Linux kernel, the following vulnerability has been resolved: dlm: fix possible lkbresource null dereference This patch fixes a possible null pointer dereference when this function is called from requestlock as lkb-lkbresource is not assigned yet, only after validatelockargs by calling...
CVE-2024-54193
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix WARN in ivpuipcsendreceiveinternal Move pmruntimesetactive to ivpupminit so when ivpuipcsendreceiveinternal is executed before ivpupmenable it already has correct runtime state, even if last resume was not...
Huawei HarmonyOS Connectivity Module Privilege Control Vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A privilege control vulnerability exists in the Huawei HarmonyOS Connectivity module, which can be exploited by an attacker to cause functionality anomalies...
Huawei HarmonyOS Distributed Notification Module Competitive Conditions Vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A competitive condition vulnerability exists in the Huawei HarmonyOS Distributed Notification Module, which can be exploited by an attacker to cause...
CVE-2025-0398
A vulnerability has been found in longpi1 warehouse 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /resources/..;/inport/updateInport of the component Backend. The manipulation of the argument remark leads to cross site scripting. The...
CVE-2024-57809 PCI: imx6: Fix suspend/resume support on i.MX6QDL
In the Linux kernel, the following vulnerability has been resolved: PCI: imx6: Fix suspend/resume support on i.MX6QDL The suspend/resume functionality is currently broken on the i.MX6QDL platform, as documented in the NXP errata ERR005723: https://www.nxp.com/docs/en/errata/IMX6DQCE.pdf This patc...
CVE-2024-57809 PCI: imx6: Fix suspend/resume support on i.MX6QDL
In the Linux kernel, the following vulnerability has been resolved: PCI: imx6: Fix suspend/resume support on i.MX6QDL The suspend/resume functionality is currently broken on the i.MX6QDL platform, as documented in the NXP errata ERR005723: https://www.nxp.com/docs/en/errata/IMX6DQCE.pdf This patc...
CVE-2024-48881 bcache: revert replacing IS_ERR_OR_NULL with IS_ERR again
In the Linux kernel, the following vulnerability has been resolved: bcache: revert replacing ISERRORNULL with ISERR again Commit 028ddcac477b "bcache: Remove unnecessary NULL point check in node allocations" leads a NULL pointer deference in cachesetflush. 1721 if !ISERRORNULLc-root 1722...
GHSA-63WG-87QV-RW4R Drupal Open Social allows Functionality Misuse
The distribution didn't validate the flood control limits on the password reset form correctly resulting in a potential attacker flooding the password reset which could result in a Denial of Service. Fortunately the message does not disclose any information to the attacker...
Drupal Open Social allows Functionality Misuse
The distribution didn't validate the flood control limits on the password reset form correctly resulting in a potential attacker flooding the password reset which could result in a Denial of Service. Fortunately the message does not disclose any information to the attacker...
CVE-2024-13278
Incorrect Authorization vulnerability in Drupal Diff allows Functionality Misuse.This issue affects Diff: from 0.0.0 before 1.8.0...
CVE-2024-13274
Improper Control of Interaction Frequency vulnerability in Drupal Open Social allows Functionality Misuse.This issue affects Open Social: from 0.0.0 before 12.3.8, from 12.4.0 before 12.4.5...
CVE-2024-13278
Incorrect Authorization vulnerability in Drupal Diff allows Functionality Misuse.This issue affects Diff: from 0.0.0 before 1.8.0...
CVE-2024-13278 Diff - Moderately critical - Access bypass, Information Disclosure - SA-CONTRIB-2024-042
Incorrect Authorization vulnerability in Drupal Diff allows Functionality Misuse.This issue affects Diff: from 0.0.0 before 1.8.0...
CVE-2024-13278
Drupal Diff vulnerability (CVE-2024-13278) stems from an incorrect authorization check in the Diff module, enabling functionality misuse. Affected: Diff module in Drupal (versions 0.0.0 through 1.7.9; fixed in 1.8.0+). Impact: access bypass and information disclosure due to insufficient revision ...