152 matches found
The vulnerability of the USB-Audio component in the Linux operating system’s kernel allows a hacker to cause a service failure.
The vulnerability of the USB-Audio component in the Linux operating system’s kernel is related to errors in reading beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to cause a service failure...
Linux Distros Unpatched Vulnerability : CVE-2019-10153
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was discovered in fence-agents, prior to version 4.3.4, where using non-ASCII characters in a guest VM's comment or other fields would cause fencerhevm t...
The vulnerability of the parse_endpoints() function in the tcprewrite editing tool and the Tcpreplay tool for editing and replaying PCAP files allows a hacker to cause a service failure.
The vulnerability of the parseendpoints function in the tcprewrite editing tool for PCAP files, as well as in the Tcpreplay tool for editing and replaying PCAP files, is related to pointer manipulation. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...
CVE-2020-9250
There is an insufficient authentication vulnerability in some Huawei smart phone. An unauthenticated, local attacker can crafts software package to exploit this vulnerability. Due to insufficient verification, successful exploitation may impact the service. Vulnerability ID: HWPSIRT-2019-12302 Th...
CVE-2020-9250
There is an insufficient authentication vulnerability in some Huawei smart phone. An unauthenticated, local attacker can crafts software package to exploit this vulnerability. Due to insufficient verification, successful exploitation may impact the service. Vulnerability ID: HWPSIRT-2019-12302 Th...
PT-2024-10868 · Huawei · Huawei Smartphone
Name of the Vulnerable Software and Affected Versions: Huawei smart phone affected versions not specified Description: The issue is related to insufficient authentication in some Huawei smart phones, allowing an unauthenticated, local attacker to craft a software package to exploit this issue. Du...
The vulnerability of the microprogramming software for Rockwell Automation’s EtherNet/IP adapters model 5015-AENFTXT, related to input validation errors, allows a intruder to trigger an error (MNRF) and cause service failure.
The vulnerability of the microprogramming software for Rockwell Automation’s EtherNet/IP adapters model 5015-AENFTXT is related to input validation errors. Exploiting this vulnerability can allow an attacker to trigger the Error Message Recovery MNRF and cause service failure...
The vulnerability of the i2c component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the i2c component in the Linux operating system’s kernel is related to a stack overflow in the function mlxbfi2csmbusstartTransaction. Exploiting this vulnerability can allow an attacker to trigger a service failure...
The vulnerability of the enqueue_task_dl() function in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the enqueuetaskdl function in the kernel/sched/deadline.c module of the Linux operating system is related to a memory leak. Exploiting this vulnerability could allow an attacker to cause a service failure...
AZL-50381 CVE-2024-21231 affecting package mysql for versions less than 8.0.40-1
Vulnerability in the MySQL Server product of Oracle MySQL component: Client programs. Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to...
Vulnerability of the H5O__dtypeDecodeHelper function in the H5Odtype.c file of the HDF5 library, allowing a hacker to cause a service failure.
The vulnerability of the H5Odtypedecodehelper function in the H5Odtype.c file is related to the dereferencing of NULL pointers. Exploiting this vulnerability could allow an attacker to cause service failures remotely...
The vulnerability of the OpenSSL library lies in the possibility of reading an incorrect address in memory during the comparison of the subject name “otherName” with the X.509 certificate. This allows a malicious actor to cause a service failure.
The vulnerability of the OpenSSL library is related to the reading of an incorrect address in memory during the comparison of the subject name “otherName” with the X.509 certificate’s name. Exploiting this vulnerability could allow a malicious actor to cause service failures...
Dell Repository Manager 安全漏洞
Dell Repository Manager is a data repository manager from Dell USA. A security vulnerability exists in Dell Repository Manager 3.4.2 and earlier versions, which stems from a local elevation of privilege vulnerability that allows a local, low-privilege attacker to execute arbitrary executable file...
The vulnerability of the pdf_base_font_alloc() function in the software suite for processing, transforming, and generating Ghostscript documents allows a attacker to execute arbitrary code or cause a service failure.
The vulnerability of the pdfbasefontalloc function in the software suite for processing, transforming, and generating Ghostscript documents is related to buffer overflows caused by improper scaling of the pointer "".F" PRIINTPTR". Exploitation of this vulnerability could allow a malicious actor t...
OpenJDK: Pack200 increase loading time due to improper header validation (8322106)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Concurrency. Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability...
The vulnerability of the cifs_dump_full_key() function in the SMB protocol client implementation of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the cifsdumpfullkey function in the fs/smb/client/ioctl.c module of the SMB protocol client implementation in Linux kernel is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to trigger a service failure...
The vulnerability of the ProcXIPassiveGrabDevice() function in the X Window System Xorg-server allows a hacker to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of the ProcXIPassiveGrabDevice function in the X Window System Xorg-server lies in the possibility of data being written outside of the buffer. Exploiting this vulnerability could allow an attacker to access confidential data, compromise its integrity, and even cause service...
CVE-2024-3701
The system application com.transsion.kolun.aiservice component does not perform an authentication check, which allows attackers to perform malicious exploitations and affect system services...
The vulnerability of the C language module for signing and encrypting JSON objects, called “JSON Latchset Jose,” involves an uncontrolled resource consumption, allowing attackers to cause service failures.
The vulnerability of the C language module for signing and encrypting JSON objects, such as “Jose,” is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...
edk2: Buffer overflow when processing DNS Servers option in a DHCPv6 Advertise message
A security weakness was identified in EDK2, the open-source reference implementation of the UEFI specification, revealing a buffer overflow vulnerability. This vulnerability enables an unauthorized attacker within proximity on the network to transmit a specifically crafted DHCPv6 Advertise messag...