246 matches found
PT-2022-9974 · Qualcomm · Snapdragon Mobile +2
Name of the Vulnerable Software and Affected Versions: Snapdragon Auto affected versions not specified Snapdragon Industrial IOT affected versions not specified Snapdragon Mobile affected versions not specified Description: The issue is related to a possible denial of service due to out of memory...
Samsung SMR 安全漏洞
Samsung RRC MeasurementReport is a wireless resource control protocol measurement report for Samsung Samsung mobile devices. The Samsung RRC MeasurementReport suffers from an anomalous condition handling vulnerability that stems from the lack of proper RRC security variable checking in the Exynos...
FortiClient (Windows) - Denial of service due to folder access permission change
An improper control of a resource through its lifetime CWE-664 vulnerability in FortiClient Windows may allow a privileged attacker to make the whole application unresponsive via changing its root directory access permission...
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IKEv2 Site-to-Site VPN Denial of Service Vulnerability
A vulnerability in the Internet Key Exchange Version 2 IKEv2 implementation of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, remote attacker to trigger a denial of service DoS condition on an affected device. This...
The vulnerability of Cisco UCS 6400 microprogramming software, related to insufficient resource control during its existence, allows a hacker to trigger a service failure.
The vulnerability of Cisco UCS 6400 microprogrammed software is related to insufficient resource control during its existence. Exploiting this vulnerability can allow a malicious actor to cause service failures...
CVE-2021-38463
The affected product does not properly control the allocation of resources. A user may be able to allocate unlimited memory buffers using API functions...
CVE-2021-32569
In OSS-RC systems of the release 18B and older customer documentation browsing libraries under ALEX are subject to Cross-Site Scripting. This problem is completely resolved in new Ericsson library browsing tool ELEX used in systems like Ericsson Network Manager. NOTE: This vulnerability only...
Samsung SMR 缓冲区错误漏洞
Samsung LTE RRC is a protocol in Samsung mobile devices.The RRC word layer has a number of functions including broadcasting of Non-Access Layer NAS-related system information, broadcasting of Access Layer AS-related system information, paging, and establishing, maintaining, and releasing the RRC...
Samsung SMR 资源管理错误漏洞
Samsung SMR is a system patch package from Samsung South Korea. It provides patches for Samsung mobile applications. A security vulnerability exists in versions prior to Samsung SMR Oct-2021 Release 1, which stems from incorrect handling in the Mediatek RRC stack resulting in a modem crash and...
ROS-2-887
2.887 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...
CVE-2021-21562
Dell EMC PowerScale OneFS contains an untrusted search path vulnerability. This vulnerability allows a user with ISIPRIVLOGINSSH or ISIPRIVLOGINCONSOLE and ISIPRIVSYSUPGRADE or ISIPRIVAUDIT to provide an untrusted path which can lead to run resources that are not under the application’s direct...
CVE-2020-12293
Improper control of a resource through its lifetime in some IntelR ThunderboltTM controllers may allow an authenticated user to potentially enable denial of service via local access...
CVE-2020-12293
Improper control of a resource through its lifetime in some IntelR ThunderboltTM controllers may allow an authenticated user to potentially enable denial of service via local access...
CVE-2020-12293
CVE-2020-12293 : Affects some Intel Thunderbolt controllers due to improper control of a resource through its lifetime, which may allow an authenticated local user to cause a denial of service. The issue is documented across NVD and Intel’s advisory, with Red Hat confirming exposure in affected T...
CVE-2020-12293
Improper control of a resource through its lifetime in some IntelR ThunderboltTM controllers may allow an authenticated user to potentially enable denial of service via local access...
Intel® Thunderbolt™ Controller Advisory
Summary: Potential security vulnerabilities in some Intel® Thunderbolt™ controllers may allow denial of service. Intel is releasing firmware updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2020-12293 Description: Improper control of a resource through its...
CVE-2021-1086
NVIDIA vGPU driver contains a vulnerability in the Virtual GPU Manager vGPU plugin where it allows guests to control unauthorized resources, which may lead to integrity and confidentiality loss or information disclosure. This affects vGPU version 12.x prior to 12.2, version 11.x prior to 11.4 and...
CVE-2021-1086
CVE-2021-1086 affects NVIDIA vGPU software/driver — the Virtual GPU Manager (vGPU plugin). The vulnerability allows guests to control unauthorized resources, potentially compromising integrity and confidentiality. Affected versions are vGPU 12.x (before 12.2), 11.x (before 11.4), and 8.x (before ...
OESA-2021-1132 wireshark security update
Wireshark is an open source tool for profiling network traffic and analyzing packets. Such a tool is often referred to as a network analyzer, network protocol analyzer or sniffer. Wireshark, formerly known as Ethereal, can be used to examine the details of traffic at a variety of levels ranging...
The vulnerability of the dockerd daemon, a deployment and application management automation tool in Docker-enabled environments, relates to a resource consumption control mechanism error. This vulnerability allows attackers to trigger service failures.
The vulnerability of the dockerd daemon, a tool for automating the deployment and management of applications in Docker containerized environments, is related to improper handling of the image manifest file. Exploiting this vulnerability allows an attacker to cause service interruptions...