Linksys WRT54GL 缓冲区错误漏洞

The Linksys WRT54GL is a wireless router from Linksys USA. A buffer overflow vulnerability exists in the Linksys WRT54GL Wireless-G Broadband Router. The vulnerability stems from a boundary error in the StartEPI function in the httpd binary when handling untrusted input, and can be exploited by a...

Linksys WRT54GL 操作系统命令注入漏洞

Linksys WRT54GL is a wireless router from Linksys USA. A security vulnerability exists in Linksys WRT54GL Wireless-G Broadband Router version 4.30.18.006 and prior versions. An attacker can exploit the vulnerability to execute arbitrary commands as root on the underlying Linux operating system...

CVE-2022-43973 Arbitrary code execution in Linksys WRT54GL

An arbitrary code execution vulnerability exisits in Linksys WRT54GL Wireless-G Broadband Router with firmware = 4.30.18.006. The CheckTSSI function within the httpd binary uses unvalidated user input in the construction of a system command. An authenticated attacker with administrator privileges...

CVE-2022-43971 Arbitrary code execution in Linksys WUMC710

An arbitrary code exection vulnerability exists in Linksys WUMC710 Wireless-AC Universal Media Connector with firmware = 1.0.02 build3. The dosetNTP function within the httpd binary uses unvalidated user input in the construction of a system command. An authenticated attacker with administrator...

CVE-2022-43973

The CVE-2022-43973 issue affects Linksys WRT54GL Wireless-G Broadband Router versions

The vulnerability of the smb2_write function (fs/ksmbd/smb2pdu.c) in the ksmbd module of the Linux operating system allows a hacker to disclose protected information or cause service failures.

The vulnerability of the smb2write function fs/ksmbd/smb2pdu.c in the ksmbd module of the Linux operating system relates to the ability to read data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to disclose sensitive information or cause service...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Debian dla-3188 : isag - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3188 advisory. - ----------------------------------------------------------------------- Debian LTS Advisory DLA-3188-1 [email protected]...

CVE-2022-0031 Cortex XSOAR: Local Privilege Escalation (PE) Vulnerability in Cortex XSOAR Engine

A local privilege escalation PE vulnerability in the Palo Alto Networks Cortex XSOAR engine software running on a Linux operating system allows a local attacker with shell access to the engine to execute programs with elevated privileges...

CVE-2022-0031 Cortex XSOAR: Local Privilege Escalation (PE) Vulnerability in Cortex XSOAR Engine

A local privilege escalation PE vulnerability in the Palo Alto Networks Cortex XSOAR engine software running on a Linux operating system allows a local attacker with shell access to the engine to execute programs with elevated privileges...

CVE-2022-39377

sysstat is a set of system performance tools for the Linux operating system. On 32 bit systems, in versions 9.1.16 and newer but prior to 12.7.1, allocatestructures contains a sizet overflow in sacommon.c. The allocatestructures function insufficiently checks bounds before arithmetic...

Moderate: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: off-path attacker may inject data or terminate victim's TCP session CVE-2020-36516 race condition in VTRESIZEX ioctl when vcconsi.d is already NULL leading to NULL pointer dereference...

ALSA-2022:7318 Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: posix cpu timer use-after-free may lead to local privilege escalation CVE-2022-2585 Unprivileged users may use PTRACESEIZE to set PTRACEOSUSPENDSECCOMP option CVE-2022-30594 For more details abou...

openwsman bug fix and enhancement update

An update is available for openwsman. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Openwsman is a project intended to provide an open source implementation of...

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

The vulnerability of the gre_handle_offloads function in the ip_gre.c component of the Linux operating system allows a hacker to gain access to confidential data.

The vulnerability of the grehandleoffloads function in the ipgre.c component of the Linux operating system is related to the disclosure of information in the erroneous data area. Exploiting this vulnerability allows an attacker to gain access to confidential data...

The vulnerability of the X.25 protocol implementation in the Linux operating system allows a hacker to trigger an emergency shutdown of the system.

The vulnerability of the X.25 protocol implementation in the Linux operating system is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker to cause the system to terminate abnormally...

The vulnerability of the reserve_sfa_size() function in the openvswitch module of the Linux operating system allows a hacker to increase their privileges or cause service failures.

The vulnerability of the reservesfasize function in the openvswitch module of the Linux operating system is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to increase their privileges or cause service failures...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from the American company Google. Google Android 13 suffers from a security vulnerability that stems from a local information leak...