563 matches found
Microchip Technology BluSDK Smart Denial of Service Vulnerability
Microchip Technology BluSDK Smart is an SDK package developed by Microchip Technology to implement Bluetooth. A security vulnerability exists in the Bluetooth Low Energy implementation in Microchip Technology BluSDK Smart 6.2 and prior versions for ATSAMB11, which arises from the program's failur...
CVE-2019-19195
The Bluetooth Low Energy implementation on Microchip Technology BluSDK Smart through 6.2 for ATSAMB11 devices does not properly restrict link-layer data length on reception, allowing attackers in radio range to cause a denial of service crash via a crafted packet...
CVE-2019-19195
The Bluetooth Low Energy implementation on Microchip Technology BluSDK Smart through 6.2 for ATSAMB11 devices does not properly restrict link-layer data length on reception, allowing attackers in radio range to cause a denial of service crash via a crafted packet...
Code injection
The Bluetooth Low Energy implementation on Microchip Technology BluSDK Smart through 6.2 for ATSAMB11 devices does not properly restrict link-layer data length on reception, allowing attackers in radio range to cause a denial of service crash via a crafted packet...
CVE-2019-19195
CVE-2019-19195 affects Microchip Technology BluSDK Smart (ATSAMB11) up to 6.2. The BLE implementation fails to properly restrict the link-layer data length on reception, enabling attackers in Bluetooth range to trigger a denial of service (crash) via a crafted packet. This CVE is associated with ...
CVE-2019-19195
The Bluetooth Low Energy implementation on Microchip Technology BluSDK Smart through 6.2 for ATSAMB11 devices does not properly restrict link-layer data length on reception, allowing attackers in radio range to cause a denial of service crash via a crafted packet...
CVE-2019-19195
The Bluetooth Low Energy implementation on Microchip Technology BluSDK Smart through 6.2 for ATSAMB11 devices does not properly restrict link-layer data length on reception, allowing attackers in radio range to cause a denial of service crash via a crafted packet. Recent assessments: pbarry-r7 at...
USN-4227-1: Linux kernel vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Description It was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service system crash or...
Ubuntu 18.04 LTS : Linux kernel (HWE) vulnerabilities (USN-4225-2)
The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4225-2 advisory. USN-4225-1 fixed vulnerabilities in the Linux kernel for Ubuntu 19.10. This update provides the corresponding updates for the Linux Hardware Enablement H...
USN-4225-2: Linux kernel (HWE) vulnerabilities
USN-4225-1 fixed vulnerabilities in the Linux kernel for Ubuntu 19.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 19.10 for Ubuntu 18.04 LTS. It was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for...
USN-4227-2: Linux kernel (Azure) vulnerabilities
USN-4227-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux kernel for Microsoft Azure Cloud systems for Ubuntu 14.04 ESM. It was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for the...
Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4227-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4227-1 advisory. It was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for the Linux kernel. A physically proximate attack...
Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4225-1)
The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4225-1 advisory. It was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for the Linux kernel. A physically proximate attacker could use...
Threatpost New Wrap Podcast For Oct. 5
Threatpost’s Lindsey O’Donnell and Tom Spring break down the highlights on the heels of a week filled with cybersecurity news. Included in the podcast week news wrap, ending Oct. 5, are the Bloomberg report alleging that a China government-affiliated group slipped tiny microchips into Super Micro...
Insteon Hub MPFS Upload Firmware Update Vulnerability(CVE-2018-3832)
Summary An exploitable firmware update vulnerability exists in Insteon Hub running firmware version 1013. The HTTP server allows for uploading arbitrary MPFS binaries that could be modified to enable access to hidden resources which allow for uploading unsigned firmware images to the device. To...
Insteon Hub HTTPExecuteGet Firmware Update Information Leak Vulnerability(CVE-2017-14443)
Summary An exploitable information leak vulnerability exists in Insteon Hub running firmware version 1012. The HTTP server implementation incorrectly checks the number of GET parameters supplied, leading to an arbitrarily controlled information leak on the whole device memory. An attacker can sen...
Insteon Hub HTTPExecuteGet Firmware Update host Parameter Buffer Overflow Vulnerability(CVE-2017-14445)
Summary An exploitable buffer overflow vulnerability exists in Insteon Hub running firmware version 1012. The HTTP server implementation incorrectly handles the host parameter during a firmware update request, leading to a buffer overflow on a global section. An attacker can send an HTTP GET...
Insteon Hub HTTPExecuteGet Firmware Update Information Leak Vulnerability
Summary An exploitable information leak vulnerability exists in Insteon Hub running firmware version 1012. The HTTP server implementation incorrectly checks the number of GET parameters supplied, leading to an arbitrarily controlled information leak on the whole device memory. An attacker can sen...
Insteon Hub HTTPExecuteGet Firmware Update host Parameter Buffer Overflow Vulnerability
Summary An exploitable buffer overflow vulnerability exists in Insteon Hub running firmware version 1012. The HTTP server implementation incorrectly handles the host parameter during a firmware update request, leading to a buffer overflow on a global section. An attacker can send an HTTP GET...
Insteon Hub MPFS Upload Firmware Update Vulnerability
Summary An exploitable firmware update vulnerability exists in Insteon Hub running firmware version 1013. The HTTP server allows for uploading arbitrary MPFS binaries that could be modified to enable access to hidden resources which allow for uploading unsigned firmware images to the device. To...