437 matches found
CVE-2023-41307
Memory overwriting vulnerability in the security module. Successful exploitation of this vulnerability may affect availability...
Memory corruption
Memory overwriting vulnerability in the security module. Successful exploitation of this vulnerability may affect availability...
CVE-2023-41307
CVE-2023-41307 concerns a memory overwrite vulnerability in the security module of Huawei HarmonyOS. The issue is described as impacting availability when exploited, with CVSS indicating NETWORK attack vector, LOW attack complexity, no privileges required, and a HIGH availability impact. Multiple...
PT-2023-27894 · Huawei · Emui +1
Name of the Vulnerable Software and Affected Versions: Security module (affected versions not specified). Description: The issue is related to a memory overwriting vulnerability in the security module. Successful exploitation of this vulnerability may affect availability. Recommendations: At the...
Huawei HarmonyOS Buffer Error Vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS, which stems from a memory out-of-bounds vulnerability in the security module. Successful exploitation of...
PT-2023-36432 · Gnu +2 · Linux +2
A vulnerability in the aa unpack function in the security/apparmor/policy unpack.c module of the AppArmor security module of the Linux kernel is related to a possible memory leak. Exploitation of the vulnerability may allow an attacker to cause a denial of service...
PT-2023-24981 · F5 · F5 Big-Ip
Name of the Vulnerable Software and Affected Versions: F5 BIG-IP (affected versions not specified). Description: The issue concerns F5 BIG-IP platforms with Cavium Nitrox FIPS HSM cards, which generate a deterministic password for the Crypto User account. This predictable password allows an...
The communication module of the Mitsubishi Electric WS0-GETH00200 security controller is vulnerable due to the lack of authentication. This allows attackers to escalate their privileges and gain access to the device.
The vulnerability of the communication module for Mitsubishi Electric WS0-GETH00200 security controllers is related to the absence of authentication. Exploiting this vulnerability allows a malicious actor to remotely increase their privileges and gain access to the device via the TELNET network...
kernel: bpf: prevent leak of lsm program after failed attach
A reference count leak was found in the BPF subsystem. When attaching a BPF LSM program to a cgroup fails validation, the program's reference count is not decremented, causing the BPF program to remain loaded indefinitely...
HashiCorp Vault Encryption Problem Vulnerability
HashiCorp Vault is a private key access management tool from HashiCorp USA. A security vulnerability exists in HashiCorp Vault Enterprise that stems from the Vault not properly applying HMAC to messages sent from the HSM when using a CBC-based encryption mechanism...
PT-2023-18357 · Hashicorp · Hashicorp Vault Enterprise
Name of the Vulnerable Software and Affected Versions: HashiCorp Vault Enterprise versions 1.13.0 through 1.13.1. Description: The issue concerns a padding oracle attack when using an HSM in conjunction with the CKM AES CBC PAD or CKM AES CBC encryption mechanisms. An attacker with privileges to...
Exploit for SQL Injection in Prestashop
LabelGrup Networks, official PrestaShop Partner...
K35205264: Linux kernel vulnerability CVE-2018-10938
Security Advisory Description A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipsov4optptr function in net/ipv4/cipsoipv4.c leading to a denial-of-servic...
SUSE CVE-2013-1920
Xen 4.2.x, 4.1.x, and earlier, when the hypervisor is running "under memory pressure" and the Xen Security Module XSM is enabled, uses the wrong ordering of operations when extending the per-domain event channel tracking table, which causes a use-after-free and allows local guest kernels to injec...
SUSE CVE-2015-3631
Docker Engine before 1.6.1 allows local users to set arbitrary Linux Security Modules LSM and dockert policies via an image that allows volumes to override files in /proc...
CVE-2022-46569
D-Link DIR-882 DIR882A1FW130B06, DIR-878 DIR878FW1.30B08 was discovered to contain a stack overflow via the Key parameter in the SetWLanRadioSecurity module...
CVE-2022-41617
In versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and 13.1.x before 13.1.5.1, When the Advanced WAF / ASM module is provisioned, an authenticated remote code execution vulnerability exists in the BIG-IP iControl REST interface...
CVE-2022-41582
The security module has configuration defects. Successful exploitation of this vulnerability may affect system availability...