1156 matches found
CVE-2021-45998
D-Link device DIR882 DIR882FW1.30B06Hotfix02 was discovered to contain a command injection vulnerability in the LocalIPAddress parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted HNAP1 POST request...
USN-5266-1: Linux kernel (GKE) vulnerabilities
It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-22600 Luo Likang discovered that the FireDTV Firewire...
SUSE SLES15: cluster-md-kmp-rt / dlm-kmp-rt / gfs2-kmp-rt / kernel-devel-rt / etc (SUSE-SU-2022:0289-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0289-1 advisory. The SUSE Linux Enterprise 15 SP2 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: -...
SUSE SLED15: cluster-md-kmp-default / dlm-kmp-default / gfs2-kmp-default / etc (SUSE-SU-2022:0198-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0198-1 advisory. The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following...
CVE-2022-0322
A flaw was found in the sctpmakestrresetreq function in net/sctp/smmakechunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUGON issue, leading to a denial of service DOS. Mitigation...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2021-2894)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-37566
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. Affected Chipsets MT7603E, MT7610, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write...
Memory corruption
An issue was discovered in the Linux kernel before 5.15.11. There is a memory leak in the rdsconncreate function in net/rds/connection.c in a certain combination of circumstances...
UBUNTU-CVE-2021-39923
Large loop in the PNRP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file...
PT-2021-6397 · Oracle +8 · Mysql Server +7
Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.27 and prior Description: The issue is related to errors in resource release in the InnoDB component of MySQL Server. It can be exploited by a remote attacker to cause a denial of service using the MySQL network...
Boofuzz - Network Protocol Fuzzing for Humans
Boofuzz is a fork of and the successor to the venerable Sulley fuzzing framework. Besides numerous bug fixes, boofuzz aims for extensibility. The goal: fuzz everything. Why? Sulley has been the preeminent open source fuzzer for some time, but has fallen out of maintenance. Features Like Sulley,...
Critical RCE Vulnerability Reported in Linux Kernel's TIPC Module
Cybersecurity researchers have disclosed a security flaw in the Linux Kernel's Transparent Inter Process Communication TIPC module that could potentially be leveraged both locally as well as remotely to execute arbitrary code within the kernel and take control of vulnerable machines. Tracked as...
CVE-2020-25367
A command injection vulnerability was discovered in the HNAP1 protocol in D-Link DIR-823G devices with firmware V1.0.2B05. An attacker is able to execute arbitrary web scripts via shell metacharacters in the Captcha field to Login...
Ubuntu: Security Advisory (USN-5116-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-5116-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5116-1: Linux kernel vulnerabilities
It was discovered that a race condition existed in the Atheros Ath9k WiFi driver in the Linux kernel. An attacker could possibly use this to expose sensitive information WiFi network traffic. CVE-2020-3702 Alois Wohlschlager discovered that the overlay file system in the Linux kernel did not...
USN-5115-1: Linux kernel (OEM) vulnerabilities
It was discovered that a race condition existed in the Atheros Ath9k WiFi driver in the Linux kernel. An attacker could possibly use this to expose sensitive information WiFi network traffic. CVE-2020-3702 Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk discovered that the BPF...
USN-5113-1: Linux kernel vulnerabilities
It was discovered that a race condition existed in the Atheros Ath9k WiFi driver in the Linux kernel. An attacker could possibly use this to expose sensitive information WiFi network traffic. CVE-2020-3702 Alois Wohlschlager discovered that the overlay file system in the Linux kernel did not...
CVE-2021-36953
Windows TCP/IP Denial of Service Vulnerability...
CLSA-2021-1632261812 Fix of CVE: CVE-2020-25211, CVE-2020-25656, CVE-2019-19532, CVE-2020-29661
CKSIX-277: CVE-2020-29661: tty: Fix -pgrp locking in tiocspgrp - CKSIX-277: CVE-2020-25656: vt: keyboard, extend funcbuflock to readers - CKSIX-277: CVE-2020-25656: tty/vt: fix write/write race in ioctlKDSKBSENT handler - CKSIX-277: CVE-2020-25656: vt: keyboard, simplify vtkdgkbsent - CKSIX-277:...