Axios Italia Axios RE 信息泄露漏洞

Axios Italia Axios RE is a suite of electronic enrollment software for campus management. A security vulnerability exists in Axios Italia Axios RE 1.7.0/7.0.0 that originates from a problem with the component error message handler. An attacker can exploit the vulnerability to obtain sensitive...

PT-2025-53989

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s ath11k module related to the initialization of the qmi msg handler data structure. Specifically, the qmi msg handler requires null termination by the...

Brave Software: Universal XSS with Playlist feature

A Universal XSS vulnerability was discovered in Brave iOS versions 1.32.3 and higher. The vulnerability was caused by three weaknesses, including the exposure of UserScriptManager.securityToken and UserScriptManager.messageHandlerToken, as well as a UXSS vulnerability in PlaylistHelper through...

PT-2021-8141 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions 4.18.0.x86 64 46 and 47 Description: The vulnerability in the Linux kernel is related to a use-after-free UAF issue when uninstalling the ipmi si and ipmi msghandler modules. This can cause the system to crash. The issue...

Privilege Escalation

firefox is vulnerable to privilege escalation. The vulnerability exists due to the unknown processing of the component Text Message Handler...

Cisco Firepower Threat Defense Denial of Service Vulnerability (CNVD-2021-50578)

Cisco Firepower Threat Defense FTD is unified software that provides next-generation firewall services. A denial-of-service vulnerability exists in the software-based SSL/TLS message handler of Cisco Firepower Threat Defense, which can be exploited by an attacker to cause a process crash by sendi...

Cisco IOS XE Denial of Service Vulnerability (CNVD-2021-43446)

Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. A denial of service vulnerability exists in the DHCP message handler of the Cisco IOS XE used by the Cisco cBR-8 Converged Broadband Router, which can be exploited by an attacker ...

CVE-2020-3509

A vulnerability in the DHCP message handler of Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause the supervisor to crash, which could result in a denial of service DoS condition. The vulnerability is due to insufficient erro...

CVE-2020-3509

CVE-2020-3509 affects Cisco IOS XE with the cBR-8 Converged Broadband Router. The root cause is insufficient error handling while parsing DHCPv4 messages in the DHCP message handler, allowing an unauthenticated, remote attacker to crash the supervisor and cause a DoS via a malicious DHCPv4 packet...

CVE-2019-11859

A buffer overflow exists in the SMS handler API of ALEOS before 4.13.0, 4.9.5, 4.9.4 that may allow code execution as root...

Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4325-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4325-1 advisory. It was discovered that the IPMI message handler implementation in the Linux kernel did not properly deallocate memory in certain situations. A local...

USN-4325-1: Linux kernel vulnerabilities

It was discovered that the IPMI message handler implementation in the Linux kernel did not properly deallocate memory in certain situations. A local attacker could use this to cause a denial of service kernel memory exhaustion. CVE-2019-19046 Al Viro discovered that the vfs layer in the Linux...

Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4319-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4319-1 advisory. It was discovered that the IPMI message handler implementation in the Linux kernel did not properly deallocate memory in certain situations. A local...

USN-4302-1: Linux kernel vulnerabilities

Paulo Bonzini discovered that the KVM hypervisor implementation in the Linux kernel could improperly let a nested level 2 guest access the resources of a parent level 1 guest in certain situations. An attacker could use this to expose sensitive information. CVE-2020-2732 Gregory Herrero discovere...

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4302-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4302-1 advisory. Paulo Bonzini discovered that the KVM hypervisor implementation in the Linux kernel could improperly let a nested level 2 guest access the...

Ubuntu: Security Advisory (USN-4302-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2019-10595

Possible buffer overwrite in message handler due to lack of validation of tid value calculated from packets received from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon...

Buffer overflow

Possible buffer overwrite in message handler due to lack of validation of tid value calculated from packets received from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon...

CVE-2019-10595

Possible buffer overwrite in message handler due to lack of validation of tid value calculated from packets received from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon...

CVE-2019-10595

CVE-2019-10595 is a Qualcomm/Qualcomm WLAN issue affecting Snapdragon components (e.g., APQ8009, APQ8053, APQ8064, IPQ4019, MDM9206, SDM660, QCA9880, etc.) where a lack of validation of the tid value parsed from firmware packets can cause a buffer overwrite in the message handler. The vulnerabili...