83 matches found
Debian dla-3792 : ctdb - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3792 advisory. Debian LTS Advisory DLA-3792-1...
SUSE CVE-2021-46950
In the Linux kernel, the following vulnerability has been resolved: md/raid1: properly indicate failure when ending a failed write request This patch addresses a data corruption bug in raid1 arrays using bitmaps. Without this fix, the bitmap bits for the failed I/O end up being cleared. Since we...
CVE-2021-46950
In the Linux kernel, the following vulnerability has been resolved: md/raid1: properly indicate failure when ending a failed write request This patch addresses a data corruption bug in raid1 arrays using bitmaps. Without this fix, the bitmap bits for the failed I/O end up being cleared. Since we...
DEBIAN-CVE-2021-46950
In the Linux kernel, the following vulnerability has been resolved: md/raid1: properly indicate failure when ending a failed write request This patch addresses a data corruption bug in raid1 arrays using bitmaps. Without this fix, the bitmap bits for the failed I/O end up being cleared. Since we...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to correctly indicate when ending a failed write request...
CVE-2024-20816
Improper authentication vulnerability in onCharacteristicWriteRequest in Auto Hotspot prior to SMR Feb-2024 Release 1 allows adjacent attackers to connect to victim's mobile hotspot without user awareness...
PT-2024-18723 · Unknown · Auto Hotspot
Name of the Vulnerable Software and Affected Versions: Auto Hotspot versions prior to SMR Feb-2024 Release 1 Description: The issue is related to an improper authentication vulnerability in the onCharacteristicWriteRequest function. This allows adjacent attackers to connect to a victim's mobile...
Cross site request forgery (csrf)
An invalid ‘prepare write request’ command can cause the Bluetooth LE stack to run out of memory and fail to be able to handle subsequent connection requests, resulting in a denial-of-service...
Gecko SDK security vulnerability
The Silicon Labs Gecko SDK (GSDK) is an open source library from Silicon Labs. It combines the Silicon Labs Wireless Software Development Kit (SDK) and the Gecko platform into one integrated package. A security vulnerability exists in the Gecko SDK, which stems from an invalid prepare to write request...
EulerOS 2.0 SP10 : samba (EulerOS-SA-2022-2697)
According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in Samba. The security vulnerability occurs when KDC and the kpasswd service share a single account and set of keys, allowing th...
CVE-2022-32742
A flaw was found in Samba. Some SMB1 write requests were not correctly range-checked to ensure the client had sent enough data to fulfill the write, allowing server memory contents to be written into the file or printer instead of client-supplied data. The client cannot control the area of the...
UBUNTU-CVE-2022-32742
A flaw was found in Samba. Some SMB1 write requests were not correctly range-checked to ensure the client had sent enough data to fulfill the write, allowing server memory contents to be written into the file or printer instead of client-supplied data. The client cannot control the area of the...
GHSA-V5P2-VG3C-PMRR Apache Tomcat Path Traversal Vulnerability
Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag...
SUSE-SU-2022:0918-1 Security update for apache2
This update for apache2 fixes the following issues: - CVE-2022-23943: heap out-of-bounds write in mod_sed (bsc#1197098). - CVE-2022-22720: HTTP request smuggling due to incorrect error handling (bsc#1197095). - CVE-2022-22719: use of uninitialized value of in r:parsebody in mod_lua (bsc#1197091). -...
CVE-2021-1983
Possible buffer overflow due to improper handling of negative data length while processing write request in VR service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables...
UVI-2021-1000173 md/raid1: properly indicate failure when ending a failed write request
md/raid1: properly indicate failure when ending a failed write request This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.118 by commit...
GSD-2021-1000106 md/raid1: properly indicate failure when ending a failed write request
md/raid1: properly indicate failure when ending a failed write request This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.11.20 by commit...
Netgear NETGEAR JGS516PE security vulnerability
The NETGEAR JGS516PE/GS116Ev2 is a 16-port Gigabit Smart Managed Plus switch. A security vulnerability exists in the NETGEAR JGS516PE/GS116Ev2 version 2.6.0.43. The vulnerability stems from the failure of the NSDP protocol implementation to properly validate the length of string parameters sent i...
IBM HTTP Server 7.0.0.0 < 7.0.0.33 / 8.0.0.0 < 8.0.0.9 / 8.5.0.0 < 8.5.5.2 Buffer Overflow (244199)
The version of IBM HTTP Server running on the remote host is affected by a vulnerability related to Apache HTTP Server. The dav_xml_get_cdata function in main/util.c in the mod_dav module in the Apache HTTP Server before 2.4.8 does not properly remove whitespace characters from CDATA sections, which...