CVE-2023-44107
Vulnerability of defects introduced in the design process in the screen projection module. Successful exploitation of this vulnerability may affect service availability and integrity...
CVE-2023-44107
CVE-2023-44107 relates to Huawei HarmonyOS, specifically a vulnerability in the screen projection module due to defects introduced in the design process. The issue may affect availability and integrity of services. The vulnerability is documented across multiple feeds (NVD and related CVE lists) ...
Advisory ROSA-SA-2023-2243
Software: avahi 0.7; OS: ROSA Virtualization 2.1; packageevrstring: avahi-0.7-19.0.1.rv3; CVE-ID: CVE-2021-3468; BDU-ID: None; CVE-Crit: MEDIUM; CVE-DESC.: A bug was discovered in avahi in versions 0.6 through 0.8. The event used to signal the termination of a client connection in the avahi Unix socket...
The vulnerability in the Firefox web browser, related to the simultaneous execution using a shared resource with incorrect synchronization, allows attackers to gain access to confidential data, compromise its integrity, and cause service interruptions.
The vulnerability in the Firefox web browser relates to the simultaneous execution of operations using a shared resource with incorrect synchronization. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and cause service interruptio...
The vulnerability of the `btrfs_get_dev_args_from_path()` function in the `fs/btrfs/volumes.c` file of the Linux kernel’s file system allows a privileged attacker to compromise the confidentiality, integrity, and accessibility of protected information, or cause service failures.
The vulnerability of the `btrfs_get_dev_args_from_path()` function in the `fs/btrfs/volumes.c` file of the btrfs file system in the Linux kernel is related to the use of previously freed memory. Exploiting this vulnerability could allow a person with elevated privileges to compromise the confidentiality,...
Input validation
A vulnerability was discovered in Veritas NetBackup Snapshot Manager before 10.2.0.1 that allowed untrusted clients to interact with the RabbitMQ service. This was caused by improper validation of the client certificate due to misconfiguration of the RabbitMQ service. Exploiting this impacts the...
Authorization
External service lookups for a number of protocols were vulnerable to a time-of-check/time-of-use (TOCTOU) weakness involving the JDK DNS cache. Attackers that were timing DNS cache expiry correctly were able to inject configuration that would bypass existing network deny-lists. Attackers could...
Malicious actors could pass in huge arrays to disrupt service availability (DOS) in the updateVotingPower function
Lines of code Vulnerability details Impact The contract is stopped from being usable by legitimate users if the attacker repeatedly spammed large arrays Proof of Concept The updateVotingPower function currently only checks that the array is = 50: While 50 may be a reasonable limit for normal usag...
CVE-2023-3455
Key management vulnerability on system. Successful exploitation of this vulnerability may affect service availability and integrity...
Code injection
Key management vulnerability on system. Successful exploitation of this vulnerability may affect service availability and integrity...
CVE-2023-3455
Technical details about CVE-2023-3455 are not publicly provided in the supplied documents; monitor for updates.
Huawei HarmonyOS Security Vulnerability
Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scenario distributed operating system based on a microkernel. Huawei EMUI is a user interface developed by Huawei based on the Android operating system. A security bypass vulnerability exists in Huawei...
The vulnerability of the TCP-AO protocol implementation in Juniper Networks’ Junos operating system allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the TCP-AO protocol implementation in Juniper Networks’ Junos operating system is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected...
The vulnerability of D-Link DIR-825 router microprogramming software, related to the use of weak password requirements, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of D-Link DIR-825 router microprogramming software is related to the use of weak password requirements. Exploiting this vulnerability can allow a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information...
Design/Logic Flaw
Rekor's goals are to provide an immutable, tamper-resistant ledger of metadata generated within a software project's supply chain. A malformed proposed entry of the intoto/v0.0.2 type can cause a panic on a thread within the Rekor process. The thread is recovered so the client receives a 500 error...
5 Must-Know Facts about 5G Network Security and Its Cloud Benefits
5G is a game changer for mobile connectivity, including mobile connectivity to the cloud. The technology provides high speed and low latency when connecting smartphones and IoT devices to cloud infrastructure. 5G networks are a critical part of all infrastructure layers between the end user and t...
Amazon Linux AMI : libwebp (ALAS-2023-1740)
The version of libwebp installed on the remote host is prior to 0.3.0-10.8. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1740 advisory. A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkVerifyAndAssign...