139 matches found
DEBIAN-CVE-2024-42286
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: validate nvmelocalport correctly The driver load failed with error message, qla2xxx 0000:04:00.0-ffff:0: registerlocalport failed: ret=ffffffef and with a kernel crash, BUG: unable to handle kernel NULL pointer...
kernel: scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup()
In the Linux kernel, the following vulnerability has been resolved: scsi: libfc: Fix potential NULL pointer dereference in fclportptpsetup fclportptpsetup did not check the return value of fcrportcreate which can return NULL and would cause a NULL pointer dereference. Address this issue by checki...
Payroll Management System 1.0 Remote Code Execution
Exploit Title: Payroll Management System v1.0 RCE Unauthenticated Google Dork: intitle:"Employee's Payroll Management System" Date: 16/06/2024 Exploit Author: ShellUnease Vendor Homepage: https://www.sourcecodester.com/ Software Link:...
DEBIAN-CVE-2023-52809
In the Linux kernel, the following vulnerability has been resolved: scsi: libfc: Fix potential NULL pointer dereference in fclportptpsetup fclportptpsetup did not check the return value of fcrportcreate which can return NULL and would cause a NULL pointer dereference. Address this issue by checki...
DEBIAN-CVE-2021-47308
In the Linux kernel, the following vulnerability has been resolved: scsi: libfc: Fix array index out of bound exception Fix array index out of bound exception in fcrportprliresp...
UBUNTU-CVE-2024-26872
In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Do not register event handler until srpt device is fully setup Upon rare occasions, KASAN reports a use-after-free Write in srptrefreshport. This seems to be because an event handler is registered before the srpt devic...
CVE-2023-43129
D-LINK DIR-806 1200M11AC wireless router DIR806A1FW100CNb11 is vulnerable to command injection due to lax filtering of REMOTEPORT parameters...
Command injection
D-LINK DIR-806 1200M11AC wireless router DIR806A1FW100CNb11 is vulnerable to command injection due to lax filtering of REMOTEPORT parameters...
SUSE CVE-2008-2543
The ooh323 channel driver in Asterisk Addons 1.2.x before 1.2.9 and Asterisk-Addons 1.4.x before 1.4.7 creates a remotely accessible TCP port that is intended solely for localhost communication, and interprets some TCP application-data fields as addresses of memory to free, which allows remote...
kernel: scsi: qla2xxx: Fix scheduling while atomic
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix scheduling while atomic The driver makes a call into midlayer fcremoteportdelete which can put the thread to sleep. The thread that originates the call is in interrupt context. The combination of the two trigge...
CVE-2022-26641
TP-LINK TL-WR840NESV6.20 was discovered to contain a buffer overflow via the httpRemotePort parameter...
CVE-2022-26641
TP-LINK TL-WR840NESV6.20 was discovered to contain a buffer overflow via the httpRemotePort parameter...
Tp-link TL-WR840N 安全漏洞
Tp-link TL-WR840N is a wireless router from China P&L Tp-link. A security vulnerability exists in Tp-link TL-WR840NESV6.20, which originates from the httpRemotePort parameter containing a buffer overflow...
Exploit for CVE-2021-1678
PoC exploit for CVE-2021-1678, an arbitrary code execution vulnerability in the Windows Print Spooler service. The exploit is contained within a Docker container, which can be built and run using the provided Dockerfile. The container includes a Python script, spoolsploit.py, that can be used to...
VulnCheck KEV: CVE-2018-19986
In the /HNAP1/SetRouterSettings message, the RemotePort parameter is vulnerable, and the vulnerability affects D-Link DIR-818LW Rev.A 2.05.B03 and DIR-822 B1 202KRb06 devices. In the SetRouterSettings.php source code, the RemotePort parameter is saved in the $pathinfwan1."/web" internal...
Security update for salt (moderate)
openSUSE Security Update: Security update for salt Announcement ID: openSUSE-SU-2020:1074-1 Rating: moderate References: 1159284 1165572 1167437 1168340 1169604 1170104 1170288 1171906 1172075 1173072 1174165 Cross-References: CVE-2018-15750 CVE-2018-15751 CVE-2020-11651 CVE-2020-11652 Affected...
SUSE-SU-2020:1973-1 Security update for Salt
This update fixes the following issues: salt: - Fix for TypeError in Tornado importer bsc1174165 - Require python3-distro only for TW bsc1173072 - Various virt backports from 3000.2 - Avoid traceback on debug logging for swarm module bsc1172075 - Add publishbatch to ClearFuncs exposed methods -...
SUSE-SU-2020:1971-1 Security update for Salt
This update fixes the following issues: salt: - Fix for TypeError in Tornado importer bsc1174165 - Require python3-distro only for TW bsc1173072 - Various virt backports from 3000.2 - Avoid traceback on debug logging for swarm module bsc1172075 - Add publishbatch to ClearFuncs exposed methods -...
SUSE SLED15 / SLES15 Security Update : salt (SUSE-SU-2020:1974-1)
This update for salt contains the following fixes : Fix for TypeError in Tornado importer bsc1174165 Require python3-distro only for TW bsc1173072 Update to Salt version 3000: See release notes: https://docs.saltstack.com/en/latest/topics/releases/3000.html Add docker.logout to docker execution...
Citrix Bugs Allow Unauthenticated Code Injection, Data Theft
Multiple vulnerabilities in the Citrix Application Delivery Controller ADC and Gateway would allow code injection, information disclosure and denial of service, the networking vendor announced Tuesday. Four of the bugs are exploitable by an unauthenticated, remote attacker. The Citrix products...