Lucene search
K

91 matches found

OSV
OSV
added 2025/05/14 1:15 p.m.1 views

UBUNTU-CVE-2023-53146

In the Linux kernel, the following vulnerability has been resolved: media: dw2102: Fix null-ptr-deref in dw2102i2ctransfer In dw2102i2ctransfer, msg is controlled by user. When msgi.buf is null and msgi.len is zero, former checks on msgi.buf would be passed. Malicious data finally reach...

5.5CVSS6.2AI score0.00149EPSS
Exploits0References11
NVD
NVD
added 2025/04/01 12:15 p.m.10 views

CVE-2025-3083

Specifically crafted MongoDB wire protocol messages can cause mongos to crash during command validation. This can occur without using an authenticated connection. This issue affects MongoDB v5.0 versions prior to 5.0.31, MongoDB v6.0 versions prior to 6.0.20 and MongoDB v7.0 versions prior to...

7.5CVSS0.00414EPSS
Exploits0References1
CVE
CVE
added 2025/04/01 11:12 a.m.122 views

CVE-2025-3083

This CVE affects MongoDB: malformed wire protocol messages can crash mongos during command validation, exploitable without authentication. Affected versions are MongoDB v5.0 before 5.0.31, v6.0 before 6.0.20, and v7.0 before 7.0.16. Impact is a denial of service (availability) with a high severit...

7.5CVSS7.1AI score0.00414EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/04/01 11:12 a.m.85 views

CVE-2025-3083 Malformed MongoDB wire protocol messages may cause mongos to crash

Specifically crafted MongoDB wire protocol messages can cause mongos to crash during command validation. This can occur without using an authenticated connection. This issue affects MongoDB v5.0 versions prior to 5.0.31, MongoDB v6.0 versions prior to 6.0.20 and MongoDB v7.0 versions prior to...

7.5CVSS0.00414EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2025/04/01 12:0 a.m.10 views

MongoDB -- Malformed wire protocol messages may cause mongos to crash

[email protected] reports: Specifically crafted MongoDB wire protocol messages can cause mongos to crash during command validation. This can occur without using an authenticated connection. This issue affects MongoDB v5.0 versions prior to 5.0.31, MongoDB v6.0 versions prior to6.0.20 and MongoDB v7...

7.5CVSS7.2AI score0.00414EPSS
Exploits0References1
OSV
OSV
added 2024/10/21 6:15 p.m.2 views

UBUNTU-CVE-2024-49961

In the Linux kernel, the following vulnerability has been resolved: media: i2c: ar0521: Use cansleep version of gpiodsetvalue If we use GPIO reset from I2C port expander, we must use cansleep variant of GPIO functions. This was not done in ar0521poweron/ar0521poweroff functions. Let's fix that...

5.5CVSS6.2AI score0.00234EPSS
Exploits0References23
CNNVD
CNNVD
added 2024/08/26 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the incorrect removal of the i2csetclientdata callback during refactoring...

5.5CVSS4.6AI score0.0018EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/08/08 4:53 a.m.3 views

kernel: i2c: core: Run atomic i2c xfer when !preemptible

In the Linux kernel, the following vulnerability has been resolved: i2c: core: Run atomic i2c xfer when !preemptible Since bae1d3a05a8b, i2c transfers are non-atomic if preemption is disabled. However, non-atomic i2c transfers require preemption e.g. in waitforcompletion while waiting for the DMA...

5.5CVSS6.8AI score0.0024EPSS
Exploits0References5
OSV
OSV
added 2024/05/24 3:15 p.m.5 views

DEBIAN-CVE-2021-47561

In the Linux kernel, the following vulnerability has been resolved: i2c: virtio: disable timeout handling If a timeout is hit, it can result is incorrect data on the I2C bus and/or memory corruptions in the guest since the device can still be operating on the buffers it was given while the guest...

7.8CVSS6.2AI score0.00202EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2023/12/01 12:0 a.m.6 views

The vulnerability in the implementation of the Java Debug Wire Protocol (JDWP) of the ProSAFE Network Management System (NMS300) allows a perpetrator to execute arbitrary code.

The vulnerability of the Java Debug Wire Protocol implementation in the ProSAFE Network Management System NMS300 lies in the lack of authentication for a critical function. Exploiting this vulnerability allows an attacker to execute arbitrary code by connecting to port 11611...

10CVSS6AI score0.01154EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2023/11/29 10:41 p.m.27 views

CVE-2023-49693 NETGEAR ProSAFE Network Management System RCE via Unprotected Access to Java Debug Wire Protocol

NETGEAR ProSAFE Network Management System has Java Debug Wire Protocol JDWP listening on port 11611 and it is remotely accessible by unauthenticated users, allowing attackers to execute arbitrary code...

9.8CVSS10AI score0.01154EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/11/29 12:0 a.m.2 views

NETGEAR 访问控制错误漏洞

NETGEAR ProSAFE Network Management System is a network management system from NETGEAR for centralized management, monitoring, and configuration of network devices. An Access Control Error vulnerability exists in the NETGEAR ProSAFE Network Management System that originates from an unauthenticated...

9.8CVSS7.4AI score0.01154EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/11/27 12:0 a.m.5 views

PT-2023-7244 · NetGear · Netgear Prosafe Network Management System

Name of the Vulnerable Software and Affected Versions: NETGEAR ProSAFE Network Management System affected versions not specified Description: The issue is related to the implementation of the Java Debug Wire Protocol JDWP in the ProSAFE Network Management System, which lacks authentication for a...

9.8CVSS7.6AI score0.01154EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2023/02/15 4:5 a.m.4 views

SUSE CVE-2019-20925

An unauthenticated client can trigger denial of service by issuing specially crafted wire protocol messages, which cause the message decompressor to incorrectly allocate memory. This issue affects MongoDB Server v4.2 versions prior to 4.2.1; MongoDB Server v4.0 versions prior to 4.0.13; MongoDB...

7.5CVSS6.8AI score0.01655EPSS
Exploits0References3
NVD
NVD
added 2022/03/11 6:15 p.m.30 views

CVE-2022-23625

Wire-ios is a messaging application using the wire protocol on apple's ios platform. In versions prior to 3.95 malformed resource identifiers may render the iOS Wire Client completely unusable by causing it to repeatedly crash on launch. These malformed resource identifiers can be generated and...

6.5CVSS0.01191EPSS
Exploits0References3
Prion
Prion
added 2022/03/11 6:15 p.m.16 views

Code injection

Wire-ios is a messaging application using the wire protocol on apple's ios platform. In versions prior to 3.95 malformed resource identifiers may render the iOS Wire Client completely unusable by causing it to repeatedly crash on launch. These malformed resource identifiers can be generated and...

4CVSS6.3AI score0.01191EPSS
Exploits0References3Affected Software2
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.30 views

Mageia: Security Advisory (MGASA-2018-0355)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.7AI score0.02687EPSS
Exploits0References5
OSV
OSV
added 2021/10/04 4:59 p.m.3 views

USN-5101-1 mongodb vulnerability

It was discovered that MongoDB incorrectly handled certain wire protocol messages. A remote attacker could possibly use this issue to cause MongoDB to crash, resulting in a denial of service...

7.5CVSS7.1AI score0.01655EPSS
Exploits0References2
Prion
Prion
added 2021/08/10 11:15 p.m.17 views

Remote code execution

SonicWall Analytics 2.5 On-Prem is vulnerable to Java Debug Wire Protocol JDWP interface security misconfiguration vulnerability which potentially leads to Remote Code Execution. This vulnerability impacts Analytics On-Prem 2.5.2518 and earlier...

7.5CVSS9.5AI score0.02007EPSS
Exploits0References1Affected Software1
SonicWall
SonicWall
added 2021/08/10 2:29 p.m.10 views

SonicWall Analytics Remote Command Execution via Java Debug Wire Protocol

SonicWall Analytics 2.5 On-Prem is vulnerable to Java Debug Wire Protocol JDWP interface security misconfiguration vulnerability which potentially leads to Remote Code Execution. This vulnerability impacts Analytics On-Prem 2.5.2518 and earlier. CVE: CVE-2021-20032 Last updated: Aug. 10, 2021, 2:...

9.8CVSS7.3AI score0.02007EPSS
Exploits0
Rows per page
Query Builder