2399 matches found
SUSE CVE-2024-35888
In the Linux kernel, the following vulnerability has been resolved: erspan: make sure erspan_base_hdr is present in skb->head. syzbot reported a problem in ip6erspan_rcv() [1]. Issue is that ip6erspan_rcv() (and erspan_rcv()) no longer make sure erspan_base_hdr is present in skb linear part (skb->head) before getting...
CVE-2024-24788 vulnerabilities
Vulnerabilities for packages: prometheus-beat-exporter-fips, cri-tools, ghaudit, k9s, gotenberg, coredns, etcd-fips, jitsucom-bulker, flux-notification-controller, kube-oidc-proxy, sonobuoy, aws-flb-kinesis-fips, rabbitmq-default-user-credential-updater, grafana-operator, ko, cortex, trust-manage...
The vulnerability of the session_login.php component in D-Link’s wireless access points allows a hacker to perform cross-site scripting (XSS) attacks.
The vulnerability of the session_login.php component in D-Link’s wireless access points relates to the lack of measures taken to protect the website structure during the processing of the reload parameter. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attac...
SUSE CVE-2024-26963
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3-am62: fix module unload/reload behavior. As runtime PM is enabled, the module can be runtime suspended when .remove() is called. Do a pm_runtime_get_sync() to make sure module is active before doing any register operations. Doi...
CVE-2024-20376
A vulnerability in the web-based management interface of Cisco IP Phone firmware could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a DoS condition. This vulnerability is due to insufficient validation of user-supplied input. An attacker could...
CVE-2024-26963
A vulnerability was found in the Linux kernel's USB dwc3-am62.c driver, where improper checks may lead to a kernel panic or a module reload failure. This issue occurs because when the .remove function is called, the module might already be in a runtime-suspended state, meaning the hardware may be...
CVE-2024-26963
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3-am62: fix module unload/reload behavior. As runtime PM is enabled, the module can be runtime suspended when .remove() is called. Do a pm_runtime_get_sync() to make sure module is active before doing any register operations. Doi...
UBUNTU-CVE-2024-26963
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3-am62: fix module unload/reload behavior. As runtime PM is enabled, the module can be runtime suspended when .remove() is called. Do a pm_runtime_get_sync() to make sure module is active before doing any register operations. Doi...
CVE-2024-26963
CVE-2024-26963 affects the Linux kernel USB subsystem for the DWC3 controller on AM62 (usb: dwc3-am62). The vulnerability arises from runtime PM handling: when the kernel module is removed with runtime suspend active, the refclock may remain enabled and operations on device registers can occur. T...
CVE-2024-26963 usb: dwc3-am62: fix module unload/reload behavior
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3-am62: fix module unload/reload behavior. As runtime PM is enabled, the module can be runtime suspended when .remove() is called. Do a pm_runtime_get_sync() to make sure module is active before doing any register operations. Doi...
CVE-2024-26963
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3-am62: fix module unload/reload behavior. As runtime PM is enabled, the module can be runtime suspended when .remove() is called. Do a pm_runtime_get_sync() to make sure module is active before doing any register operations. Doi...
CVE-2024-26963 usb: dwc3-am62: fix module unload/reload behavior
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3-am62: fix module unload/reload behavior. As runtime PM is enabled, the module can be runtime suspended when .remove() is called. Do a pm_runtime_get_sync() to make sure module is active before doing any register operations. Doi...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a security flaw in the unload/reload behavior of modules...
kernel: scsi: core: Remove the /proc/scsi/${proc_name} directory earlier
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Remove the /proc/scsi/${proc_name} directory earlier. Remove the /proc/scsi/${proc_name} directory earlier to fix a race condition between unloading and reloading kernel modules. This fixes a bug introduced in 2009 by commit...
CVE-2024-20313
A vulnerability in the OSPF version 2 (OSPFv2) feature of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to improper validation of OSPF updates that...
CVE-2024-20353
CVE-2024-20353 affects Cisco ASA/FTD Web Services. The vulnerability stems from incomplete error checking when parsing HTTP headers, allowing an unauthenticated remote attacker to trigger a reload and cause a DoS. Exploitation is referenced by multiple sources, including CISA’s Known Exploited Vu...
Cisco Adaptive Security Appliance and Firepower Threat Defense Software Web Services Denial of Service Vulnerability
A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition. This...
CVE-2024-20353
A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition. This...
CVE-2024-28436
Cross Site Scripting vulnerability in D-Link DAP products DAP-2230, DAP-2310, DAP-2330, DAP-2360, DAP-2553, DAP-2590, DAP-2690, DAP-2695, DAP-3520, DAP-3662 allows a remote attacker to execute arbitrary code via the reload parameter in the session_login.php component...
PT-2024-3223 · D Link · D-Link Dap-3662 +9
Name of the Vulnerable Software and Affected Versions: D-Link DAP products versions DAP-2230, DAP-2310, DAP-2330, DAP-2360, DAP-2553, DAP-2590, DAP-2690, DAP-2695, DAP-3520, DAP-3662. Description: The issue is related to a Cross Site Scripting vulnerability in the session_login.php component of...