86 matches found
CVE-2023-28147
An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r29p0 through r32p0, Bifrost r17p0 through r42p0 before r43p0, Valhall r19p0 through r42p0 before r43p0, and...
CVE-2022-46394
An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Valhall r39p0 through r41p0 before r42p0, and Avalon r41p0 before r42p0...
CVE-2022-46395
An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r0p0 through r32p0, Bifrost r0p0 through r41p0 before r42p0, Valhall r19p0 through r41p0 before r42p0, and Aval...
CVE-2023-20014
A vulnerability in the DNS functionality of Cisco Nexus Dashboard Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. This vulnerability is due to the improper processing of DNS requests. An attacker could exploit this vulnerability by sending a...
CVE-2023-20014
A vulnerability in the DNS functionality of Cisco Nexus Dashboard Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. This vulnerability is due to the improper processing of DNS requests. An attacker could exploit this vulnerability by sending a...
Haproxy 资源管理错误漏洞
Haproxy HAProxy is an open source TCP/HTTP load balancing server from the French company Haproxy. The server provides 4-layer and 7-layer proxies and can support tens of thousands of connection levels, with high efficiency and stability. HAProxy has a security vulnerability that stems from...
Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points UDP Processing DoS (cisco-sa-wlc-udp-dos-XDyEwhNz)
A vulnerability in the UDP processing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. This vulnerability is due to the improper processing of...
Content Spoofing
rdiffweb is vulnerable to content spoofing. An attacker can deliver professionally crafted visual defacements to the right recipients convincingly and provide misleading information to the victims due to improper processing and rendering of user-supplied inputs...
CVE-2022-33917
An issue was discovered in the Arm Mali GPU Kernel Driver Valhall r29p0 through r38p0. A non-privileged user can make improper GPU processing operations to gain access to already freed memory...
The vulnerability of the Ansible configuration management system arises from improper processing of output data for registration logs, allowing an attacker to access confidential information.
The vulnerability of the Ansible configuration management system is related to incorrect processing of output data for registration logs. Exploiting this vulnerability can allow an attacker to gain access to confidential data...
CVE-2021-1534 Cisco Email Security Appliance URL Filtering Bypass Vulnerability
A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. This vulnerability is due to improper processing of URLs. An attacker...
Server-Side Request Forgery (SSRF) in kalcaddle/kodexplorer
✍️ Description SSRF via SVG due to improper processing of SVG files. 🕵️♂️ Proof of Concept Payload: https://drive.google.com/file/d/1q-GHJ01p8Ssok1GWN-QxSznBy1JGvY8x/view?usp=sharing Download and upload it on the server and run the server on port 8000 and then view the file. 💥 Impact This...
CVE-2020-9223
CVE-2020-9223 describes a DoS vulnerability affecting Huawei smartphones. The issue arises from improper handling of abnormal messages in a specific module, allowing remote attackers to trigger a denial of service. The NVD notes a base score of 5.0 (CVSS2) and 7.5 (CVSS3.1) with network access an...
CVE-2020-35453
HashiCorp Vault Enterprise’s Sentinel EGP policy feature incorrectly allowed requests to be processed in parent and sibling namespaces. Fixed in 1.5.6 and 1.6.1...
The vulnerability of the Astra Linux Directory Service’s EPPT management system, related to improper data processing, allows a perpetrator to access confidential data, compromise its integrity, and cause service failures.
The vulnerability of the Astra Linux Directory Service Management System ALD is related to an initialization processing error. Exploiting this vulnerability can allow a malicious actor to gain access to confidential data, compromise its integrity, and cause service failures...
CVE-2020-3260
A vulnerability in Cisco Aironet Series Access Points Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to the improper processing of client packets that are sent to an affected access point AP. An...
Input validation
Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a Denial of Service DoS vulnerability. Due to improper processing of specific IPSEC packets, remote attacke...
CVE-2019-12212
When FreeImage 3.18.0 reads a special JXR file, the StreamCalcIFDSize function of JXRMeta.c repeatedly calls itself due to improper processing of the file, eventually causing stack exhaustion. An attacker can achieve a remote denial of service attack by sending a specially constructed file...
CVE-2017-17171
Some Huawei smart phones have the denial of service DoS vulnerability due to the improper processing of malicious parameters. An attacker may trick a target user into installing a malicious APK and launch attacks using a pre-installed app with specific permissions. Successful exploit could allow...
CVE-2017-17171
Summary: CVE-2017-17171 is a DoS vulnerability in some Huawei smartphones caused by improper processing of malicious parameters. A attacker could entice a user to install a malicious APK and leverage a pre-installed app with specific permissions to send crafted parameters to the phone driver, tri...