USN-5416-1 linux-oem-5.14 vulnerabilities

Qiuhao Li, Gaoning Pan and Yongkang Jia discovered that the KVM implementation in the Linux kernel did not properly perform guest page table updates in some situations. An attacker in a guest vm could possibly use this to crash the host OS. CVE-2022-1158 It was discovered that the implementation ...

PT-2022-9724 · Amd · Athlon™ Series +53

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a failure to verify the protocol in SMM, which may allow an attacker to control the protocol and modify SPI flash, potentially...

CVE-2022-29846

In Progress Ipswitch WhatsUp Gold 16.1 through 21.1.1, and 22.0.0, it is possible for an unauthenticated attacker to obtain the WhatsUp Gold installation serial number...

CVE-2022-29846

In Progress Ipswitch WhatsUp Gold 16.1 through 21.1.1, and 22.0.0, it is possible for an unauthenticated attacker to obtain the WhatsUp Gold installation serial number...

CVE-2022-29846

In Progress Ipswitch WhatsUp Gold 16.1 through 21.1.1, and 22.0.0, it is possible for an unauthenticated attacker to obtain the WhatsUp Gold installation serial number...

CVE-2022-29846

Progress WhatsUp Gold (versions 16.1–21.1.1 and 22.0.0) is affected by a vulnerability that allows an unauthenticated attacker to obtain the product installation serial number. The publicly provided documents confirm affected versions and the disclosure impact, but do not specify the root cause d...

CVE-2021-26347

Failure to validate the integer operand in ASP AMD Secure Processor bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service...

Progress Software WhatsUp Gold 信息泄露漏洞

Progress Software WhatsUp Gold is a network monitoring software from Progress Software, Inc. It is used to monitor the entire network infrastructure as well as applications, configurations and network traffic. A security vulnerability exists in Progress Software WhatsUp Gold versions 16.1 through...

PT-2022-19872 · Ipswitch · Ipswitch Whatsup Gold

Name of the Vulnerable Software and Affected Versions: Ipswitch WhatsUp Gold versions 16.1 through 21.1.1 Ipswitch WhatsUp Gold version 22.0.0 Description: The issue allows an unauthenticated attacker to obtain the WhatsUp Gold installation serial number. Recommendations: For Ipswitch WhatsUp Gol...

PT-2022-9730 · Amd +1 · Amd Secure Processor +1

Name of the Vulnerable Software and Affected Versions: AMD Secure Processor affected versions not specified Description: The issue is related to a failure to validate the integer operand in the ASP bootloader, which may allow an attacker to introduce an integer overflow in the L2 directory table ...

CVE-2022-0947

A vulnerability in ABB ARG600 Wireless Gateway series that could allow an attacker to exploit the vulnerability by remotely connecting to the serial port gateway, and/or protocol converter, depending on the configuration...

Design/Logic Flaw

A vulnerability in ABB ARG600 Wireless Gateway series that could allow an attacker to exploit the vulnerability by remotely connecting to the serial port gateway, and/or protocol converter, depending on the configuration...

CVE-2022-0947

CVE-2022-0947 affects the ABB ARG600 Wireless Gateway series. The vulnerability allows an attacker to remotely connect to the serial port gateway and/or protocol converter, depending on configuration, enabling high-severity impact. Public metrics show a CVSS v3.1 base score of 9.8 (CRITICAL) with...

CVE-2022-0947 Arctic Wireless Gateway Firewall vulnerability

A vulnerability in ABB ARG600 Wireless Gateway series that could allow an attacker to exploit the vulnerability by remotely connecting to the serial port gateway, and/or protocol converter, depending on the configuration...

kernel: mwifiex_usb_recv() in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker to cause DoS via crafted USB device

A denial of service flaw was found in mwifiexusbrecv in drivers/net/wireless/marvell/mwifiex/usb.c in the usb subsystem of the Linux kernel. This is due to a missing clean-up for a malfunctioning usb device with an unknown recvtype...

kernel: avoid cyclic entity chains due to malformed USB descriptors

A flaw linked list corruption in the Linux kernel for USB Video Class driver functionality was found in the way user connects web camera to the USB port. A local user could use this flaw to crash the system...

udisks2: insecure defaults in user-accessible mount helpers allow for a DoS

A vulnerability found in udisks2. This flaw allows an attacker to input a specially crafted image file/USB leading to kernel panic. The highest threat from this vulnerability is to system availability...

kernel: avoid cyclic entity chains due to malformed USB descriptors

A flaw linked list corruption in the Linux kernel for USB Video Class driver functionality was found in the way user connects web camera to the USB port. A local user could use this flaw to crash the system...

ABB ARG600 Wireless Gateway 安全漏洞

The ABB ARG600 Wireless Gateway is a wireless gateway device from ABB. A security vulnerability exists in the ABB ARG600 Wireless Gateway. An attacker could exploit the vulnerability by remotely connecting to a serial port gateway or protocol converter...

HUAWEI HarmonyOS Information Disclosure Vulnerability (CNVD-2022-50634)

HUAWEI HarmonyOS is an operating system from the Chinese company Huawei HUAWEI. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in the HUAWEI HarmonyOS security component, which stems from a serial number capture vulnerability in th...