1307 matches found
PT-2023-18480
Name of the Vulnerable Software and Affected Versions No specific software or versions are mentioned. Description The issue involves memory corruption in a multi-mode call processor when processing a bit mask API. Recommendations At the moment, there is no information about a newer version that...
Google Chrome to Mask User IP Addresses to Protect Privacy
By Waqas The feature is called IP Protection, and it's important to note that it is not a VPN. A VPN encrypts all of a user's traffic, while IP Protection only masks their IP address. This is a post from HackRead.com Read the original post: Google Chrome to Mask User IP Addresses to Protect Priva...
CVE-2023-30633
An issue was discovered in TrEEConfigDriver in Insyde InsydeH2O with kernel 5.0 through 5.5. It can report false TPM PCR values, and thus mask malware activity. Devices use Platform Configuration Registers PCRs to record information about device and software configuration to ensure that the boot...
CVE-2022-25333
The Texas Instruments OMAP L138 secure variants trusted execution environment TEE performs an RSA check implemented in mask ROM when loading a module through the SKLOAD routine. However, only the module header authenticity is validated. An adversary can re-use any correctly signed header and appe...
Code injection
The Texas Instruments OMAP L138 secure variants trusted execution environment TEE performs an RSA check implemented in mask ROM when loading a module through the SKLOAD routine. However, only the module header authenticity is validated. An adversary can re-use any correctly signed header and appe...
Design/Logic Flaw
The AES implementation in the Texas Instruments OMAP L138 secure variants, present in mask ROM, suffers from a timing side channel which can be exploited by an adversary with non-secure supervisor privileges by managing cache contents and collecting timing information for different ciphertext...
Xen Security Vulnerabilities
Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. A security vulnerability exists in Xen that...
SUSE-SU-2023:4054-1 Security update for xen
This update for xen fixes the following issues: - CVE-2023-34323: A transaction conflict can crash C Xenstored XSA-440, bsc1215744 - CVE-2023-34326: Missing IOMMU TLB flushing XSA-442, bsc1215746 - CVE-2023-34325: Multiple vulnerabilities in libfsimage disk handling XSA-443, bsc1215747 -...
Xen: x86/AMD: Debug Mask handling (XSA-444)
AMD CPUs since 2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are errors in Xen's handling of the guest state, leading to denials of service. - CVE-2023-34327 - An HVM vCPU can end up operating in the context of a previo...
x86/AMD: Debug Mask handling
ISSUE DESCRIPTION AMD CPUs since 2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are errors in Xen's handling of the guest state, leading to denials of service. 1 CVE-2023-34327 - An HVM vCPU can end up operating in the...
CVE-2023-41162
A Reflected Cross-site scripting XSS vulnerability in the file manager tab in Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML via the file mask field while searching under the tools drop down...
CVE-2023-41162
A Reflected Cross-site scripting XSS vulnerability in the file manager tab in Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML via the file mask field while searching under the tools drop down...
CVE-2023-41162
A Reflected Cross-site scripting XSS vulnerability in the file manager tab in Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML via the file mask field while searching under the tools drop down...
Cross site scripting
A Reflected Cross-site scripting XSS vulnerability in the file manager tab in Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML via the file mask field while searching under the tools drop down...
CVE-2023-41162
A Reflected Cross-site scripting XSS vulnerability in the file manager tab in Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML via the file mask field while searching under the tools drop down...
PT-2023-9853 · Tcpreplay +3 · Tcpreplay +3
Name of the Vulnerable Software and Affected Versions: Tcpreplay version 4.4.4 Description: The issue is related to a null pointer dereference in the mask cidr6 component at cidr.c in Tcpreplay. This allows attackers to crash the application via a crafted tcprewrite command, potentially leading t...
PT-2023-27838 · Usermin · Usermin
Name of the Vulnerable Software and Affected Versions: Usermin version 2.000 Description: A Reflected Cross-site scripting XSS issue exists in the file manager tab, allowing remote attackers to inject arbitrary web script or HTML via the file mask field while searching under the tools drop down...
Exploit for Missing Authorization in Content_Mask_Project Content_Mask
CVE-2022-1203 Content Mask 1.8.4 - Subscriber+ Arbitrary...
CVE-2023-25122
Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...
CVE-2023-25119
Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...