USN-4752-1: Linux kernel (OEM) vulnerabilities
Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen discovered that legacy pairing and secure-connections pairing authentication in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. A physically proxima...
USN-4752-1 linux-oem-5.6 vulnerabilities
Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen discovered that legacy pairing and secure-connections pairing authentication in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. A physically proxima...
QEMU: assertion failure through usb_packet_unmap() in hw/usb/hcd-ehci.c
A reachable assertion vulnerability was found in the USB EHCI emulation code of QEMU. This issue occurs while processing USB requests due to missed handling of DMA memory map failure. This flaw allows a malicious privileged user within the guest to send bogus USB requests and crash the QEMU proce...
The vulnerability of the USB DeviceHandler component in the Google Chrome web browser allows a perpetrator to compromise the integrity, confidentiality, and accessibility of the protected information.
The vulnerability of the USB DeviceHandler component in the Google Chrome web browser is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow an attacker to compromise the integrity, confidentiality, and accessibility of the protected...
CVE-2021-23841
The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field which might occur if the...
DEBIAN-CVE-2021-22174
Crash in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file...
DEBIAN-CVE-2021-22173
Memory leak in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file...
UBUNTU-CVE-2021-22174
Crash in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file...
UBUNTU-CVE-2021-22173
Memory leak in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file...
CVE-2021-23841
The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field which might occur if the...
CVE-2021-23841 Null pointer deref in X509_issuer_and_serial_hash()
The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field which might occur if the...
PT-2021-5244 · D Link · D-Link Dir-2640-Us +1
Name of the Vulnerable Software and Affected Versions: D-Link DIR-2640-US version 1.01B04 Description: The issue is related to insufficiently protected credentials. The D-Link AC2600 DIR-2640 stores the device system account password in plain text and does not utilize Linux user management...
LG Mobile Devices With Android OS Resource Management Error Vulnerability
LG mobile is a line of mobile device products from LG. LG Mobile devices Google Android OS 8.0, 8.1, 9.0, and 10 software suffer from a resource management error vulnerability that stems from the USB laf gadget having a use-after-free...
Diagnosing an unresponsive Citrix Hypervisor server
This article describes how to diagnose an unresponsive XenServer or Citrix Hypervisor server. If you cannot connect to your Citrix Hypervisor server from XenCenter or other orchestration tool, you can use the steps in this article to attempt to regain access to the unresponsive server and gather...
March 25, 2021-KB5000854 (OS Build 17763.1852) Preview
March 25, 2021-KB5000854 OS Build 17763.1852 Preview 2/16/21 IMPORTANT As part of the end of support for Adobe Flash, KB4577586 is now available as an optional update from Windows Update WU and Windows Server Update Services WSUS. Installing KB4577586 will remove Adobe Flash Player permanently fr...
Apple IO Model Buffer Error Vulnerability
Apple IO Model is a module for handling IO operations from Apple USA. Apple IO Model suffers from a buffer error vulnerability that stems from a boundary condition when handling USB files in the Model I/O component in macOS. A local user can insert a specially crafted USB drive to trigger an...
Apple Model I/O Buffer Error Vulnerability
Apple IO Model is a module for handling IO operations from Apple USA. A security vulnerability exists in Apple Model I/O. The vulnerability stems from a boundary condition when handling USB files in the Model I/O component in macOS. A local user can insert a specially crafted USB drive to trigg...
Wireshark Resource Management Error Vulnerability
Wireshark is a network packet analyzer that captures network packets and displays the most detailed packet information possible. Wireshark uses WinPCAP as an interface to exchange data packets directly with the network card. Wireshark has a denial of service...
Qualcomm Connectivity Code Issue Vulnerability
Qualcomm Connectivity is a Qualcomm Incorporated USA support component used in chips. A security vulnerability exists in Qualcomm Connectivity that originates from an untrusted pointer dereference when making USB control transfers if multiple requests are made from different standard request...
Atlassian Fisheye and Crucible Information Disclosure Vulnerabilities
Atlassian Fisheye and Crucible are both products of Atlassian Australia. Atlassian Fisheye is a suite of source code deep viewing software. Crucible is a suite of code review tools. A security vulnerability exists in versions of Atlassian Fisheye and Crucible prior to 4.8.4 that allows remote...