563 matches found
PT-2024-38592 · Microchip · Timeprovider 4100
Name of the Vulnerable Software and Affected Versions: Microchip TimeProvider 4100 versions 1.0 through 2.4.6 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks. The...
PT-2024-30612 · Microchip · Timeprovider 4100
Name of the Vulnerable Software and Affected Versions: Microchip TimeProvider 4100 versions 1.0 through 2.4.7 Description: The issue is related to improper authentication in the login modules of Microchip TimeProvider 4100, which allows session hijacking. Recommendations: For versions 1.0 through...
PT-2024-30610 · Microchip · Timeprovider 4100
Name of the Vulnerable Software and Affected Versions: Microchip TimeProvider 4100 versions 1.0 and later Description: The issue is related to a URL Redirection to Untrusted Site 'Open Redirect' vulnerability that allows XSS Through HTTP Headers. This can lead to security issues, as it enables...
Microchip TimeProvider 4100 操作系统命令注入漏洞
Microchip TimeProvider 4100 is a gateway clock from Microchip, Inc. A security vulnerability exists in the Microchip TimeProvider 4100 prior to version 2.4.7 that stems from improper neutralization of special elements of operating system commands, resulting in OS command injection...
SUSE CVE-2024-46831
In the Linux kernel, the following vulnerability has been resolved: net: microchip: vcap: Fix use-after-free error in kunit test This is a clear use-after-free error. We remove it, and rely on checking the return code of vcapdelrule...
CVE-2024-46831
In the Linux kernel, the following vulnerability has been resolved: net: microchip: vcap: Fix use-after-free error in kunit test This is a clear use-after-free error. We remove it, and rely on checking the return code of vcapdelrule...
CVE-2024-46831
In the Linux kernel, the following vulnerability has been resolved: net: microchip: vcap: Fix use-after-free error in kunit test This is a clear use-after-free error. We remove it, and rely on checking the return code of vcapdelrule...
DEBIAN-CVE-2024-46831
In the Linux kernel, the following vulnerability has been resolved: net: microchip: vcap: Fix use-after-free error in kunit test This is a clear use-after-free error. We remove it, and rely on checking the return code of vcapdelrule...
UBUNTU-CVE-2024-46831
In the Linux kernel, the following vulnerability has been resolved: net: microchip: vcap: Fix use-after-free error in kunit test This is a clear use-after-free error. We remove it, and rely on checking the return code of vcapdelrule...
CVE-2024-46831 net: microchip: vcap: Fix use-after-free error in kunit test
In the Linux kernel, the following vulnerability has been resolved: net: microchip: vcap: Fix use-after-free error in kunit test This is a clear use-after-free error. We remove it, and rely on checking the return code of vcapdelrule...
CVE-2024-46831 net: microchip: vcap: Fix use-after-free error in kunit test
In the Linux kernel, the following vulnerability has been resolved: net: microchip: vcap: Fix use-after-free error in kunit test This is a clear use-after-free error. We remove it, and rely on checking the return code of vcapdelrule...
CVE-2024-46831 net: microchip: vcap: Fix use-after-free error in kunit test
In the Linux kernel, the following vulnerability has been resolved: net: microchip: vcap: Fix use-after-free error in kunit test This is a clear use-after-free error. We remove it, and rely on checking the return code of vcapdelrule...
CVE-2024-46831
The CVE-2024-46831 entry corresponds to a Linux kernel vulnerability in net: microchip: vcap where kunit tests trigger a use-after-free. The underlying issue is a use-after-free in kunit test code for vcap, which has been fixed by removing the problematic code and relying on checking the return v...
Critical Flaw in Microchip ASF Exposes IoT Devices to Remote Code Execution Risk
A critical security flaw has been disclosed in the Microchip Advanced Software Framework ASF that, if successfully exploited, could lead to remote code execution. The vulnerability, tracked as CVE-2024-7490, carries a CVSS score of 9.5 out of a maximum of 10.0. It has been described as a...
Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-7029-1)
"The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7029-1 advisory. Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cau...
Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6999-2)
The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6999-2 advisory. Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to caus...
A stack-based overflow vulnerability exists in the Microchip Advanced Software Framework (ASF) implementation of the tinydhcp server
Overview A stack-based overflow vulnerability exists in the tinydhcp server in the Microchip Advanced Software Framework ASF that can lead to remote code execution. Description An implementation of DHCP in ASF fails input validation, thereby creating conditions for a stack-based overflow. The...
US Microchip Giant Hit by Cyberattack, Disrupting Operations
Microchip Technology hit by cyberattack, disrupting manufacturing operations. A major disruption to semiconductor production has been reported, impacting…...
CVE-2024-42279
In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer While transmitting with rxlen == 0, the RX FIFO is not going to be emptied in the interrupt handler. A subsequent transfer could then read crap from the...
SUSE CVE-2024-42279
In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer While transmitting with rxlen == 0, the RX FIFO is not going to be emptied in the interrupt handler. A subsequent transfer could then read crap from the...