1307 matches found
CVE-2023-25124
Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...
CVE-2023-25107
Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...
CVE-2023-25106
Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...
CVE-2023-25112
Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...
CVE-2023-25103
Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...
PT-2023-5081 · Milesight · Milesight Ur32L
Name of the Vulnerable Software and Affected Versions: Milesight UR32L version 32.3.0.5 Description: The issue is caused by a buffer overflow vulnerability in the set openvpn client function of the Milesight UR32L router's firmware. This vulnerability can be exploited by a remote attacker to...
PT-2023-5172 · Milesight · Milesight Ur32L
Name of the Vulnerable Software and Affected Versions: Milesight UR32L version 32.3.0.5 Description: Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An...
PT-2023-5143 · Milesight · Milesight Ur32L
Name of the Vulnerable Software and Affected Versions: Milesight UR32L version 32.3.0.5 Description: Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An...
CLSA-2023-1688072526 Fix of 5 CVEs
CVE-2023-32233 // CVE-url: https://ubuntu.com/security/CVE-2023-32233 - netfilter: nf_tables: add nft_set_is_anonymous helper - netfilter: nf_tables: split set destruction in deactivate and destroy phase - netfilter: nf_tables: unbind set in rule from commit path - netfilter: nf_tables: fix set...
CLSA-2023-1688072342 Fix of 5 CVEs
CVE-2023-32233 // CVE-url: https://ubuntu.com/security/CVE-2023-32233 - netfilter: nf_tables: add nft_set_is_anonymous helper - netfilter: nf_tables: split set destruction in deactivate and destroy phase - netfilter: nf_tables: unbind set in rule from commit path - netfilter: nf_tables: fix set...
Malicious code in privacy-mask (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 998f7e814713415fe18daae62e103985641b6e30054350c3832c42097800856d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-699 Malicious code in privacy-mask (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 998f7e814713415fe18daae62e103985641b6e30054350c3832c42097800856d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Security vulnerability in multiple Mitsubishi Electric products
The Mitsubishi Electric MELSEC iQ-R series and the Mitsubishi Electric MELSEC iQ-F series are both programmable logic controllers from Mitsubishi Electric Japan. A security vulnerability exists in several Mitsubishi Electric products, which is caused by a missing mask when entering a password fie...
PT-2023-24204 · Highlight · Highlight
Name of the Vulnerable Software and Affected Versions: Highlight versions prior to 6.0.0 Description: Highlight may record passwords on customer deployments when a password HTML input is switched to type="text" via a JavaScript "Show Password" button. This issue arises because the expected behavi...
kernel: sched/core: Do not requeue task on CPU excluded from cpus_mask
In the Linux kernel, the following vulnerability has been resolved: sched/core: Do not requeue task on CPU excluded from cpus_mask. The following warning was triggered on a large machine early in boot on a distribution kernel but the same problem should also affect mainline. WARNING: CPU: 439 PID: ...
kernel: udmabuf: Set the DMA mask for the udmabuf device (v2)
In the Linux kernel, the following vulnerability has been resolved: udmabuf: Set the DMA mask for the udmabuf device (v2). If the DMA mask is not set explicitly, the following warning occurs when the userspace tries to access the dma-buf via the CPU as reported by syzbot here: WARNING: CPU: 1 PID:...
Moderate: dhcp security and bug fix update
The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to...