130 matches found
CVE-2025-32033 Apollo Router Operation Limits Vulnerable to Bypass via Integer Overflow
The Apollo Router Core is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. Prior to 1.61.2 and 2.1.1, the operation limits plugin uses unsigned 32-bit integers to track limit counters e.g. for a query's height. If a counter...
Splunk Enterprise 9.1.0 < 9.1.7, < 9.2.4, < 9.3.2 (SVD-2024-1205)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2024-1205 advisory. - In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7, and versions below 3.2.461 and 3.7.13 of the Splunk Secure Gatew...
The vulnerability of the `server.maxHeadersCount()` configuration in the client-server library `ws` of the Node.js software platform allows a attacker to trigger a denial-of-service attack.
The vulnerability of the server.maxHeadersCount configuration in the client-server library ws of the Node.js software platform is related to errors in pointer assignment due to exceeding the threshold values of request headers. Exploiting this vulnerability may allow a remote attacker to cause...
DEBIAN-CVE-2024-42102
In the Linux kernel, the following vulnerability has been resolved: Revert "mm/writeback: fix possible divide-by-zero in wbdirtylimits, again" Patch series "mm: Avoid possible overflows in dirty throttling". Dirty throttling logic assumes dirty limits in page units fit into 32-bits. This patch...
PT-2024-22992 · Google · Android +1
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a missing bounds check in the tmu set tr num thresholds function of tmu.c, which could lead to a possible out of bounds write...
PT-2024-23025 · Google · Android
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a missing bounds check in the tmu get tr num thresholds function of tmu.c, which could lead to a possible out of bounds read. Th...
Google Pixel 安全漏洞
Google Pixel is a smartphone from Google, Inc. in the United States. A security vulnerability exists in Google Pixel, which stems from a missing bounds check in the tmugettrnumthresholds module of the tmu.c file, which may result in out-of-bounds reads...
Google Pixel 安全漏洞
Google Pixel is a smartphone from Google, Inc USA. A security vulnerability exists in Google Pixel, which stems from a missing bounds check in the tmusettrthresholds module of the tmu.c file, which may result in out-of-bounds writes...
Google Pixel 安全漏洞
Google Pixel is a smartphone from Google, Inc. in the United States. A security vulnerability exists in Google Pixel, which stems from a missing bounds check in the tmusettrnumthresholds module of the tmu.c file, where out-of-bounds writes may occur...
DEBIAN-CVE-2023-52627
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7091r: Allow users to configure device events AD7091R-5 devices are supported by the ad7091r-5 driver together with the ad7091r-base driver. Those drivers declared iio events for notifying user space when ADC readings...
CVE-2023-52627
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7091r: Allow users to configure device events AD7091R-5 devices are supported by the ad7091r-5 driver together with the ad7091r-base driver. Those drivers declared iio events for notifying user space when ADC readings...
UBUNTU-CVE-2023-52627
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7091r: Allow users to configure device events AD7091R-5 devices are supported by the ad7091r-5 driver together with the ad7091r-base driver. Those drivers declared iio events for notifying user space when ADC readings...
CVE-2023-52627
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7091r: Allow users to configure device events AD7091R-5 devices are supported by the ad7091r-5 driver together with the ad7091r-base driver. Those drivers declared iio events for notifying user space when ADC readings...
CVE-2023-52627 iio: adc: ad7091r: Allow users to configure device events
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7091r: Allow users to configure device events AD7091R-5 devices are supported by the ad7091r-5 driver together with the ad7091r-base driver. Those drivers declared iio events for notifying user space when ADC readings...
CVE-2023-52627
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7091r: Allow users to configure device events AD7091R-5 devices are supported by the ad7091r-5 driver together with the ad7091r-base driver. Those drivers declared iio events for notifying user space when ADC readings...
CVE-2023-41706
Processing time of drive search expressions now gets monitored, and the related request is terminated if a resource threshold is reached. Availability of OX App Suite could be reduced due to high processing load. Please deploy the provided updates and patch releases. Processing of user-defined...
CVE-2023-41707
Processing of user-defined mail search expressions is not limited. Availability of OX App Suite could be reduced due to high processing load. Please deploy the provided updates and patch releases. Processing time of mail search expressions now gets monitored, and the related request is terminated...
PT-2024-12963 · Unknown · Ox App Suite
Name of the Vulnerable Software and Affected Versions: OX App Suite affected versions not specified Description: The issue arises from the processing of user-defined DAV user-agent strings not being limited, which could lead to a high processing load and reduce the availability of OX App Suite. T...
PT-2024-12964 · Open Xchange · Ox App Suite
Name of the Vulnerable Software and Affected Versions: OX App Suite affected versions not specified Description: The issue concerns the processing time of drive search expressions, which is now monitored, and the related request is terminated if a resource threshold is reached. This could reduce...
PT-2024-12965 · Unknown · Ox App Suite
Name of the Vulnerable Software and Affected Versions: OX App Suite affected versions not specified Description: The issue arises from the processing of user-defined mail search expressions without limitations, potentially reducing the availability of OX App Suite due to high processing load. The...