Undermining Integrity Features of SEV-SNP with Memory Aliasing

AMD ID: AMD-SB-3015 Potential Impact: Loss of Integrity Severity: Medium Summary A team of researchers has reported to AMD that it may be possible to modify serial presence detect SPD metadata to make an attached memory module appear larger than it is, potentially allowing an attacker to overwrit...

CVE-2024-47146

Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow an attacker to obtain the devices serial number if physically adjacent and sniffing the RAW WIFI signal...

CVE-2024-47146

Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow an attacker to obtain the devices serial number if physically adjacent and sniffing the RAW WIFI signal...

CVE-2024-47146 Ruijie Reyee OS Resource Leak

Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow an attacker to obtain the devices serial number if physically adjacent and sniffing the RAW WIFI signal...

CVE-2024-47146

CVE-2024-47146 affects Ruijie Reyee OS devices running 2.206.x to

CVE-2024-47146 Ruijie Reyee OS Resource Leak

Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow an attacker to obtain the devices serial number if physically adjacent and sniffing the RAW WIFI signal...

CVE-2024-47043

Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could enable an attacker to correlate a device serial number and the user's phone number and part of the email address...

CVE-2024-47043

Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could enable an attacker to correlate a device serial number and the user's phone number and part of the email address...

OESA-2024-2519 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: serial: sc16is7xx: fix invalid FIFO access with special register set When enabling access to the special register set, Receiver time-out and RHR interrupts can...

Ruijie Networks ReyeeOS 安全漏洞

Ruijie Networks ReyeeOS is a router from Ruijie Networks China. A security vulnerability exists in Ruijie Networks ReyeeOS version 2.206.x through versions prior to 2.320.x. The vulnerability can be exploited by an attacker to gain access to the device. An attacker could exploit this vulnerabilit...

Ruijie Networks ReyeeOS 安全漏洞

Ruijie Networks ReyeeOS is a router from Ruijie Networks China. A security vulnerability exists in Ruijie Networks ReyeeOS version 2.206.x up to and including 2.320.x. An attacker could exploit the vulnerability to associate a device serial number with a user's phone number and partial email...

CVE-2024-54127 Exposure of Wi-Fi Credentials in Plaintext in TP-Link Archer C50

This vulnerability exists in the TP-Link Archer C50 due to presence of terminal access on a serial interface without proper access control. An attacker with physical access could exploit this by accessing the UART shell on the vulnerable device. Successful exploitation of this vulnerability could...

PT-2024-9343 · Tp Link · Tp-Link Archer C50

Name of the Vulnerable Software and Affected Versions: TP-Link Archer C50 affected versions not specified Description: The issue is related to the storage of critical information in an unencrypted manner in the web interface of the TP-Link Archer C50 Wi-Fi router. This could allow an attacker to...

TP-Link Archer C50 安全漏洞

The TP-LINK Archer C50 is a wireless router from China P&L TP-LINK. A security vulnerability exists in the TP-Link Archer C50 prior to version V4 240917, which stems from terminal access on the serial interface that is not properly privileged, allowing an attacker to obtain Wi-Fi credentials on t...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

kernel: USB: serial: mos7840: fix crash on resume

In the Linux kernel, the following vulnerability has been resolved: USB: serial: mos7840: fix crash on resume Since commit c49cfa917025 "USB: serial: use generic method if no alternative is provided in usb serial layer", USB serial core calls the generic resume implementation when the driver has...

kernel: spi: Fix null dereference on suspend

In the Linux kernel, the following vulnerability has been resolved: spi: Fix null dereference on suspend A race condition exists where a synchronous noqueue transfer can be active during a system suspend. This can cause a null pointer dereference exception to occur when the system resumes. Exampl...

VulnCheck KEV: CVE-2024-53197

Linux Kernel contains an out-of-bounds access vulnerability in the USB-audio driver that allows an attacker with physical access to the system to use a malicious USB device to potentially manipulate system memory, escalate privileges, or execute arbitrary code...

The vulnerabilities of the disable_show() and disable_store() functions in the Linux kernel USB driver allow attackers to compromise the integrity and accessibility of protected information.

The vulnerability of the disableshow and disablestrore functions in the drivers/usb/core/port.c file of the Linux kernel’s USB driver is related to the use of a zero pointer. Exploiting this vulnerability could allow an attacker to compromise the integrity and accessibility of the protected...

The vulnerability of the Serial component in Microsoft Edge and Google Chrome allows a hacker to execute arbitrary code.

The vulnerability of the Serial component in Microsoft Edge and Google Chrome relates to the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created HTML page from a remote location...