225 matches found
ksmbd: Fix the missing xa_store error check
...
UBUNTU-CVE-2024-50285
In the Linux kernel, the following vulnerability has been resolved: ksmbd: check outstanding simultaneous SMB operations If Client send simultaneous SMB operations to ksmbd, It exhausts too much memory through the "ksmbdworkcache”. It will cause OOM issue. ksmbd has a credit mechanism but it can'...
The vulnerability of the HTTP Daemon (httpd) on the Juniper Networks Junos OS allows a attacker to cause a service failure.
The vulnerability of the HTTP Daemon httpd component of the Juniper Networks Junos OS operating system is related to an uncontrolled consumption of resources. Exploiting this vulnerability could allow a malicious actor to cause service interruptions remotely...
DEBIAN-CVE-2024-47692
In the Linux kernel, the following vulnerability has been resolved: nfsd: return -EINVAL when namelen is 0 When we have a corrupted main.sqlite in /var/lib/nfs/nfsdcld/, it may result in namelen being 0, which will cause memdupuser to return ZEROSIZEPTR. When we access the name.data that has been...
Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-7029-1)
"The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7029-1 advisory. Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cau...
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-6917-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6917-1 advisory. Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointe...
Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6918-1)
"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6918-1 advisory. It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A...
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-6898-2)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6898-2 advisory. Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointe...
Ubuntu 22.04 LTS : Linux kernel (Oracle) vulnerabilities (USN-6819-4)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6819-4 advisory. Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference...
USN-6818-4: Linux kernel (HWE) vulnerabilities
Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service system crash. CVE-2023-6356, CVE-2023-6535, CVE-2023-6536 It was...
Ubuntu 22.04 LTS : Linux kernel (NVIDIA) vulnerabilities (USN-6818-3)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6818-3 advisory. Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference...
USN-6819-3: Linux kernel (OEM) vulnerabilities
Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service system crash. CVE-2023-6356, CVE-2023-6535, CVE-2023-6536 Chenyuan...
Ubuntu 23.10 : Linux kernel (ARM laptop) vulnerabilities (USN-6818-2)
The remote Ubuntu 23.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6818-2 advisory. Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference...
CVE-2024-26342
A Null pointer dereference in usr/sbin/httpd in ASUS AC68U 3.0.0.4.384.82230 allows remote attackers to trigger DoS via network packet...
The vulnerability of the formSetCfm() function in the httpd daemon of the microprogramming software for wireless access points from Tenda i6 allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the formSetCfm function in the httpd daemon of the microprogrammed wireless access points from Tenda i6 is related to the operation that goes beyond the buffer in memory when processing the funcpara1 parameter. Exploiting this vulnerability could allow an attacker to compromi...
CVE-2024-0540
A vulnerability was found in Tenda W9 1.0.0.74456. It has been classified as critical. Affected is the function formOfflineSet of the component httpd. The manipulation of the argument ssidIndex leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has bee...
CVE-2024-0536
A vulnerability, which was classified as critical, has been found in Tenda W9 1.0.0.74456. Affected by this issue is the function setWrlAccessList of the component httpd. The manipulation of the argument ssidIndex leads to stack-based buffer overflow. The attack may be launched remotely. The...
PT-2024-1459 · Tenda · Tenda W9
Name of the Vulnerable Software and Affected Versions: Tenda W9 version 1.0.0.74456 Description: The issue affects the function formQosManage user of the component httpd, where the manipulation of the argument ssidIndex leads to a stack-based buffer overflow. This can allow a remote attacker to...
CVE-2023-31272
A stack-based buffer overflow vulnerability exists in the httpd dowds functionality of Yifan YF325 v1.020221108. A specially crafted network request can lead to stack-based buffer overflow. An attacker can send a network request to trigger this vulnerability...
CVE-2022-46080
Nexxt Nebula 1200-AC 15.03.06.60 allows authentication bypass and command execution by using the HTTPD service to enable TELNET...