PT-2023-6407 · D Link · Dsl-2750U +1

Name of the Vulnerable Software and Affected Versions: D-Link Non-US DSL-2750U N300 ADSL2+ and Non-US DSL-2730U N150 ADSL2+ affected versions not specified Description: The issue is related to Incorrect Access Control in the D-Link routers. The UART/Serial interface on the PCB provides log output...

CVE-2023-46033

D-Link Non-US DSL-2750U N300 ADSL2+ and Non-US DSL-2730U N150 ADSL2+ are vulnerable to Incorrect Access Control. The UART/Serial interface on the PCB, provides log output and a root terminal without proper access control...

Security Vulnerabilities in Some D-Link Products

The D-Link DSL-2730U is a router from China-based AUO D-Link. A security vulnerability exists in the D-Link DSL-2730U and DSL-2750U that stems from the UART/serial interface on the PCB providing logging output and root privilege termination without proper access control...

SUSE CVE-2023-45862

An issue was discovered in drivers/usb/storage/eneub6250.c for the ENE UB6250 reader driver in the Linux kernel before 6.2.5. An object could potentially extend beyond the end of an allocation...

Mitsubishi Electric MELSEC-F Series 授权问题漏洞

Mitsubishi Electric MELSEC-F Series is a basic micro PLC with analog and communication function scalability for industrial control equipment from Mitsubishi Electric Mitsubishi Electric, Japan. An authentication error vulnerability exists in the Mitsubishi Electric MELSEC-F Series, which can be...

Fortinet FortiAnalyzer Data Forgery Issue Vulnerability

Fortinet FortiAnalyzer is a set of centralized network security reporting solutions from the U.S. company Fiat Fortinet. The product is mainly used to collect network log data, and through the reporting suite of security events in the log, network traffic, Web content, etc. to analyze, report,...

Unbreakable Enterprise kernel security update

4.14.35-2047.530.5.1 - Revert 'rtnetlink: Reject negative ifindexes in RTMNEWLINK' Saeed Mirzamohammadi Orabug: 35896831 4.14.35-2047.530.5 - netfilter: ipset: add the missing IPSETHASHWITHNET0 macro for ipsethashnetportnet.c Kyle Zeng Orabug: 35824288 CVE-2023-42753 - netfilter: xtu32: validate...

CVE-2023-44097

Vulnerability of the permission to access device SNs being improperly managed.Successful exploitation of this vulnerability may affect service confidentiality...

PT-2023-29097 · Huawei · Emui +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue concerns the improper management of permissions to access device serial numbers SNs, which could impact service confidentiality upon successfu...

CVE-2023-42782

A insufficient verification of data authenticity vulnerability CWE-345 in FortiAnalyzer version 7.4.0 and below 7.2.3 allows a remote unauthenticated attacker to send messages to the syslog server of FortiAnalyzer via the knoweldge of an authorized device serial number...

CVE-2023-42782

A insufficient verification of data authenticity vulnerability CWE-345 in FortiAnalyzer version 7.4.0 and below 7.2.3 allows a remote unauthenticated attacker to send messages to the syslog server of FortiAnalyzer via the knoweldge of an authorized device serial number...

Authorization

A insufficient verification of data authenticity vulnerability CWE-345 in FortiAnalyzer version 7.4.0 and below 7.2.3 allows a remote unauthenticated attacker to send messages to the syslog server of FortiAnalyzer via the knoweldge of an authorized device serial number...

PT-2023-5996 · Fortinet · Fortianalyzer

Name of the Vulnerable Software and Affected Versions: FortiAnalyzer versions 7.4.0 and below 7.2.3 Description: The issue is related to insufficient verification of data authenticity, allowing a remote unauthenticated attacker to send messages to the syslog server of FortiAnalyzer via knowledge ...

Unbreakable Enterprise kernel security update

5.15.0-106.131.4 - jbd2: check 'jh-btransaction' before removing it from checkpoint Zhihao Cheng - jbd2: fix checkpoint cleanup performance regression Zhang Yi - scsi: qla2xxx: Fix TMF leak through Quinn Tran - scsi: qla2xxx: Fix command flush during TMF Quinn Tran - scsi: qla2xxx: Limit TMF to 8...

Fortinet FortiAnalyzer 数据伪造问题漏洞

Fortinet FortiAnalyzer is a set of centralized network security reporting solutions from the U.S. company Fiat Fortinet. The product is mainly used to collect network log data, and through the reporting suite of security events in the log, network traffic, Web content, etc. to analyze, report,...

Huawei HarmonyOS Information Disclosure Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS, which stems from an access rights mismanagement vulnerability in the device serial number. Successful...

XINJE XDPPro Code Issue Vulnerability

XINJE XDPPro is a USB port connection programming software using PLC from China XINJE. A code issue vulnerability exists in XINJE XDPPro version 3.7.17a and prior versions. An attacker could use this vulnerability to cause an uncontrolled search path...

USN-6412-1 linux, linux-aws, linux-aws-6.2, linux-azure, linux-azure-6.2, linux-azure-fde-6.2, linux-gcp, linux-gcp-6.2, linux-hwe-6.2, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-6.2, linux-oracle, linux-raspi, linux-starfive vulnerabilities

Hyunwoo Kim discovered that the DVB Core driver in the Linux kernel contained a race condition during device removal, leading to a use-after- free vulnerability. A physically proximate attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

CVE-2023-30732

Improper access control in system property prior to SMR Oct-2023 Release 1 allows local attacker to get CPU serial number...

CVE-2023-30732

Improper access control in system property prior to SMR Oct-2023 Release 1 allows local attacker to get CPU serial number...