1171 matches found
The vulnerability of the ODBC driver for SQL Server on Windows operating systems allows a hacker to execute arbitrary code.
The vulnerability of the ODBC driver for SQL Server on Windows operating systems is related to integer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code, provided that the user is connected to the malicious SQL server via ODBC, and the malicious actor send...
kernel: tun: bugs for oversize packet when napi frags enabled in tun_napi_alloc_frags
An out-of-bounds memory access flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user generates a malicious too big networking packet when napi frags is enabled. This flaw allows a local user to crash or potentially escalate their privileges on the system...
Silicon Labs Gecko Platform HTTP server header parsing invalid pointer dereference vulnerability
Talos Vulnerability Report TALOS-2024-1945 Silicon Labs Gecko Platform HTTP server header parsing invalid pointer dereference vulnerability April 18, 2024 CVE Number CVE-2023-51391 SUMMARY An invalid pointer dereference vulnerability exists in the HTTP server header parsing functionality of Silic...
CVE-2024-3388
CVE-2024-3388 affects Palo Alto Networks PAN-OS GlobalProtect Gateway. An authenticated attacker can impersonate another user and send network packets to internal assets, though they cannot receive responses. The issue is discussed across multiple sources (NVD, CVE List, CNVD/CNNVD entries) and P...
DEBIAN-CVE-2024-3567
A flaw was found in QEMU. An assertion failure was present in the update_sctp_checksum() function in hw/net/net_tx_pkt.c when trying to calculate the checksum of a short-sized fragmented packet. This flaw allows a malicious guest to crash QEMU and cause a denial of service condition...
April’s Patch Tuesday includes 150 vulnerabilities, 60 which could lead to remote code execution
In one of the largest Patch Tuesdays in years, Microsoft disclosed 150 vulnerabilities across its software and product portfolio this week, including more than 60 that could lead to remote code execution. Though April’s monthly security update from Microsoft is the largest since at least the start...
RHEL 7 : kpatch-patch (RHSA-2024:1323)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1323 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel...
Tox: Remote Code Execution
Background Tox is easy-to-use software that connects you with friends and family without anyone else listening in. Description A vulnerability has been discovered in btrbk. Please review the CVE identifier referenced below for details. Impact A stack-based buffer overflow allows remote attackers ...
CVE-2024-26342
A Null pointer dereference in usr/sbin/httpd in ASUS AC68U 3.0.0.4.384.82230 allows remote attackers to trigger DoS via network packet...
Null pointer dereference
A Null pointer dereference in usr/sbin/httpd in ASUS AC68U 3.0.0.4.384.82230 allows remote attackers to trigger DoS via network packet...
CVE-2024-26342
CVE-2024-26342 affects ASUS AC68U firmware version 3.0.0.4.384.82230. The vulnerability is a null pointer dereference in usr/sbin/httpd that allows remote attackers to trigger a denial of service via a network packet. Documented impact: availability loss (I: N; A: H) with network access and no re...
CVE-2023-45318
A heap-based buffer overflow vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP git commit 80d4004. A specially crafted network packet can lead to arbitrary code execution. An attacker can send a malicious packet to trigger this vulnerability...
CVE-2023-39540
A denial of service vulnerability exists in the ICMP and ICMPv6 parsing functionality of Weston Embedded uC-TCP-IP v3.06.01. A specially crafted network packet can lead to an out-of-bounds read. An attacker can send a malicious packet to trigger this vulnerability. This vulnerability concerns a...
CVE-2023-39541
A denial of service vulnerability exists in the ICMP and ICMPv6 parsing functionality of Weston Embedded uC-TCP-IP v3.06.01. A specially crafted network packet can lead to an out-of-bounds read. An attacker can send a malicious packet to trigger this vulnerability. This vulnerability concerns a...
Heap overflow
A heap-based buffer overflow vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP git commit 80d4004. A specially crafted network packet can lead to arbitrary code execution. An attacker can send a malicious packet to trigger this vulnerability...