CVE-2024-4294

The CVE-2024-4294 entry concerns PHPGurukul Doctor Appointment Management System 1.0. Affected component: /doctor/view-appointment-detail.php, where the editid parameter leads to improper control of resource identifiers (IDOR). The vulnerability is described as exploitable remotely, with public d...

The vulnerability of the Pulsar Function Worker module on the cloud platform for distributed messaging and Apache Pulsar streaming involves allowing a hacker to execute arbitrary code.

The vulnerability of the Pulsar Function Worker module on the cloud platform for distributed messaging and Apache Pulsar streaming involves insufficient control over resources with dynamic management. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

Improper Control Of A Resource Through Its Lifetime

github.com/cosmos/cosmos-sdk is vulnerable to Improper Control of a Resource Through its Lifetime. The x/crisis module is supposed to allow anyone to halt a chain in event of any violation. The vulnerability is caused due to x/crisis module, which does not halt the chain as expected upon an...

The vulnerability of 5G MediaTek wireless communication modules, related to improper error handling, allows attackers to trigger service interruptions.

The vulnerability of 5G wireless communication modules from MediaTek is related to improper error handling. Exploiting this vulnerability can allow attackers to cause service failures when receiving improperly formatted RRC messages...

The vulnerability of 5G MediaTek wireless communication modules, related to improper error handling, allows attackers to trigger service interruptions.

The vulnerability of 5G wireless communication modules from MediaTek is related to improper error handling. Exploiting this vulnerability can allow attackers to cause service failures when receiving improperly formatted RRC messages...

The vulnerability of 5G MediaTek wireless communication modules, related to improper error handling, allows attackers to trigger service interruptions.

The vulnerability of 5G wireless communication modules from MediaTek is related to improper error handling. Exploiting this vulnerability can allow attackers to cause service failures when receiving improperly formatted RRC messages...

The vulnerability of 5G MediaTek wireless communication modules, related to improper error handling, allows attackers to trigger service interruptions.

The vulnerability of 5G wireless communication modules from MediaTek is related to improper error handling. Exploiting this vulnerability can allow attackers to cause service failures when receiving improperly formatted RRC messages...

CVE-2023-44295

Dell PowerScale OneFS versions 8.2.2.x through 9.6.0.x contains an improper control of a resource through its lifetime vulnerability. A low privilege attacker could potentially exploit this vulnerability, leading to loss of information, and information disclosure...

Input validation

Dell PowerScale OneFS, 8.2.2.x through 9.6.0.x, contains an improper control of a resource through its lifetime vulnerability. An unauthenticated network attacker could potentially exploit this vulnerability, leading to denial of service...

CVE-2023-44288

Dell PowerScale OneFS versions 8.2.2.x–9.6.0.x contain an improper resource lifetime control that allows unauthenticated network attackers to cause a denial of service. The root cause is described as improper control of a resource through its lifetime. Impact is DoS; no public exploit details are...

Qualcomm Chipsets Security Vulnerability

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from a denial of service in the modem after receiving an RRC setup message...

PT-2023-7542 · 5G Modem · 5G Modem

Name of the Vulnerable Software and Affected Versions: 5G Modem affected versions not specified Description: The issue is related to improper error handling in the 5G Modem, which could lead to a system crash and remote denial of service when receiving malformed RRC messages. No additional...

PT-2023-18316 · Modem · Modem

Name of the Vulnerable Software and Affected Versions: Modem affected versions not specified Description: The issue is related to a Transient Denial of Service DOS in the Modem when processing an RRC reconfiguration message. No information is provided about the estimated number of potentially...

The vulnerability of the Change and Transport System component of the SAP NetWeaver software integration platform allows a perpetrator to trigger a service failure.

The vulnerability of the Change and Transport System component of the SAP NetWeaver software integration platform is related to the lack of a mechanism for controlling the resources used. Exploiting this vulnerability can allow an attacker, operating remotely, to cause service failures...

Citrix Systems Content Collaboration 安全漏洞

Citrix Systems Content Collaboration is a secure enterprise file synchronization and sharing service from Citrix Systems. It meets the mobility and collaboration needs of users as well as the data security requirements of organizations. A security vulnerability exists in Citrix Systems Content...

CVE-2023-25517

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager vGPU plugin, where a guest OS may be able to control resources for which it is not authorized, which may lead to information disclosure and data tampering...

The vulnerability of the Packet Forwarding Engine (PFE) module in Juniper Networks’ Junos OS and Junos OS Evolved operating systems allows a malicious actor to trigger a service failure without proper authentication.

The vulnerability of the Packet Forwarding Engine PFE module in Juniper Networks’ Junos OS and Junos OS Evolved operating systems is related to insufficient resource control during its existence. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

Design/Logic Flaw

A vulnerability classified as critical was found in Abstrium Pydio Cells 4.2.0. This vulnerability affects unknown code of the component User Creation Handler. The manipulation leads to improper control of resource identifiers. The attack can be initiated remotely. The exploit has been disclosed ...

Abstrium Pydio Cells 安全漏洞

Abstrium Pydio Cells is a next-generation file-sharing platform developed in the Go language by French company Abstrium. A security vulnerability exists in Abstrium Pydio Cells version 4.2.0 that stems from improper control of resource identifiers...

CVE-2023-0458

A speculative pointer dereference problem exists in the Linux Kernel on the doprlimit function. The resource argument value is controlled and is used in pointer arithmetic for the 'rlim' variable and can be used to leak the contents. We recommend upgrading past version 6.1.8 or...