495 matches found
CVE-2023-20515
Improper access control in the fTPM driver in the trusted OS could allow a privileged attacker to corrupt system memory, potentially leading to loss of integrity, confidentiality, or availability...
CVE-2023-20515
Improper access control in the fTPM driver in the trusted OS could allow a privileged attacker to corrupt system memory, potentially leading to loss of integrity, confidentiality, or availability...
CVE-2023-20515
Improper access control in the fTPM driver in the trusted OS could allow a privileged attacker to corrupt system memory, potentially leading to loss of integrity, confidentiality, or availability...
CVE-2023-20515
Improper access control in the fTPM driver in the trusted OS could allow a privileged attacker to corrupt system memory, potentially leading to loss of integrity, confidentiality, or availability...
CVE-2023-20515
CVE-2023-20515 affects the fTPM driver in the AMD trusted OS. Root cause: improper access control allowing a privileged local attacker to corrupt system memory, potentially impacting integrity, confidentiality, and availability. Affected component: fTPM driver within AMD trusted OS. Impact: memor...
CVE-2024-21453
Transient DOS while decoding message of size that exceeds the available system memory...
Excessive Memory Consumption
github.com/t2bot/matrix-media-repo is vulnerable to Excessive Memory Consumption. The vulnerability is due to inadequate handling of large JSON responses, allowing an attacker to exhaust system memory and potentially crash the application...
CVE-2024-46668
CVE-2024-46668 describes an allocation of resources without limits or throttling (CWE-770) in Fortinet FortiOS. The vulnerability affects FortiOS versions 7.4.0–7.4.4, 7.2.0–7.2.8, 7.0.0–7.0.15, and 6.4.0–6.4.15, where an unauthenticated remote attacker could cause memory exhaustion by uploading ...
Qualcomm Chipsets 权限许可和访问控制问题漏洞
Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. The Qualcomm Chipsets have a Privilege Permission and Access Control Issue vulnerability that arises from uncontrolled resource consumption when a driver, application, or SMMU client attempts to access global registers via...
CVE-2023-48010
STMicroelectronics SPC58 is vulnerable to Missing Protection Mechanism for Alternate Hardware Interface. Code running as Supervisor on the SPC58 PowerPC microcontrollers may disable the System Memory Protection Unit and gain unabridged read/write access to protected assets...
CVE-2023-48010
STMicroelectronics SPC58 is vulnerable to Missing Protection Mechanism for Alternate Hardware Interface. Code running as Supervisor on the SPC58 PowerPC microcontrollers may disable the System Memory Protection Unit and gain unabridged read/write access to protected assets...
PT-2024-13538
Name of the Vulnerable Software and Affected Versions STMicroelectronics SPC58 affected versions not specified Description The STMicroelectronics SPC58 PowerPC microcontrollers are affected by a missing protection mechanism for an alternate hardware interface. Code executing with supervisor...
CVE-2023-48010
CVE-2023-48010 affects STMicroelectronics SPC58 PowerPC automotive MCUs. The vulnerability arises from a missing protection mechanism for an alternate hardware interface, allowing code executing with Supervisor privileges to disable the System Memory Protection Unit and obtain unabridged read/wri...
NATS Server Configuration Advice for Use With Veeam Backup for Microsoft 365
Purpose This article provides advice for optimizing NATS Server configuration when used in conjunction with Veeam Backup for Microsoft 365. Solution When Veeam Backup for Microsoft 365 is deployed using the included NATS Server, the system variable 'GOMEMLIMIT ' is set to 30% of the total system...
PostgreSQL Memory disclosure in aggregate function calls (CVE-2023-5868)
A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes,...
CVE-2024-20260
A vulnerability in the VPN and management web servers of the Cisco Adaptive Security Virtual Appliance ASAv and Cisco Secure Firewall Threat Defense Virtual FTDv, formerly Cisco Firepower Threat Defense Virtual, platforms could allow an unauthenticated, remote attacker to cause the virtual device...
CVE-2024-20260
CVE-2024-20260 affects Cisco ASAv and Cisco Secure Firewall Threat Defense Virtual (FTDv). The vulnerability arises from improper memory management for new incoming SSL/TLS connections on the virtual platforms, allowing an unauthenticated remote attacker to exhaust system memory and cause Denial ...
Cisco Adaptive Security Virtual Appliance and Secure Firewall Threat Defense Virtual SSL VPN Denial of Service Vulnerability
A vulnerability in the VPN and management web servers of the Cisco Adaptive Security Virtual Appliance ASAv and Cisco Secure Firewall Threat Defense Virtual FTDv, formerly Cisco Firepower Threat Defense Virtual, platforms could allow an unauthenticated, remote attacker to cause the virtual device...
PT-2024-6783 · Microsoft · Windows Ancillary Function Driver For Winsock +1
Name of the Vulnerable Software and Affected Versions: Windows Ancillary Function Driver for WinSock affected versions not specified Description: The issue is related to the use of insecure mechanisms for handling authentication data in the operating system's memory. This could allow an attacker ...
Low: Red Hat Security Advisory: linux-firmware security update
An update for linux-firmware is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...