43 matches found
OESA-2024-1112 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel before 6.5.9, there is a NULL pointer dereference in sendacknowledge in net/nfc/nci/spi.c.CVE-2023-46343 In the Linux kernel before 6.4.12, amdgpucswaitallfences in drivers/gpu/drm/amd/amdgpu/amdgpucs.c has a...
OESA-2024-1113 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel before 6.5.9, there is a NULL pointer dereference in sendacknowledge in net/nfc/nci/spi.c.CVE-2023-46343 In the Linux kernel before 6.4.12, amdgpucswaitallfences in drivers/gpu/drm/amd/amdgpu/amdgpucs.c has a...
The vulnerability of the send_acknowledge() function in the net/nfc/nci/spi.c module of the Linux kernel allows a intruder to trigger a service failure.
The vulnerability of the NCI protocol implementation in Linux operating systems is related to the handling of the zero pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...
In the Linux kernel before 6.5.9 there is a NULL pointer dereference in send_acknowledge in net/nfc/nci/spi.c.
...
SUSE CVE-2023-46343
In the Linux kernel before 6.5.9, there is a NULL pointer dereference in sendacknowledge in net/nfc/nci/spi.c...
DEBIAN-CVE-2023-46343
In the Linux kernel before 6.5.9, there is a NULL pointer dereference in sendacknowledge in net/nfc/nci/spi.c...
CVE-2023-46343
In the Linux kernel before 6.5.9, there is a NULL pointer dereference in sendacknowledge in net/nfc/nci/spi.c...
PT-2023-8457
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.5.9 Description The issue is related to a NULL pointer dereference in the send acknowledge function in net/nfc/nci/spi.c. This could potentially allow an attacker to cause a denial of service. Recommendations F...
Stored XSS at Search page
Description Create new item with XSS payload. Then go to Search page, XSS vulnerability will be trigger. Proof of Concept https://drive.google.com/file/d/1OB11FmQvy2-qRI9r1BlavKUxJ4kaMjp/view?usp=sharing Acknowledge Tran Van Nhan from bl4ckh0l3 of GalaxyOne...
kernel: tcp: tcp_rtx_synack() can be called from process context
In the Linux kernel, the following vulnerability has been resolved: tcp: tcprtxsynack can be called from process context Laurent reported the enclosed report 1 This bug triggers with following coditions: 0 Kernel built with CONFIGDEBUGPREEMPT=y 1 A new passive FastOpen TCP socket is created. This...
PT-2022-20291 · Unknown · Semwifiapclient
Name of the Vulnerable Software and Affected Versions: SemWifiApClient versions prior to SMR Jul-2022 Release 1 Description: The issue is related to an improper access control vulnerability in the sendDHCPACKBroadcast function. This vulnerability allows an attacker to access the WiFi AP client MA...
AirDrop Is Leaking Email Addresses and Phone Numbers
Apple has known about the flaw since 2019 but has yet to acknowledge or fix it...
RHEL 7 : kernel (RHSA-2021:0878)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0878 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: locking issue in...
HTTP/2: flood using SETTINGS frames results in unbounded memory growth
A flaw was found in HTTP/2. Using SETTINGS frames and queuing of SETTINGS ACK frames, a flood could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...
Quest NetVault Backup Server 11.4.5 - Process Manager Service SQL Injection Remote Code Execution
Quest NetVault Backup Server 11.4.5 - Process Manager Service SQL Injection Remote Code Execution Exploit Title: Quest NetVault Backup Server 11.4.5 Process Manager Service SQL Injection Remote Code Execution Vulnerability ZDI-17-982 Date: 2-21-2019 Exploit Author: credit goes to rgod for finding...
Quest NetVault Backup Server < 11.4.5 - Process Manager Service SQL Injection / Remote Code Execution
Exploit Title: Quest NetVault Backup Server 11.4.5 Process Manager Service SQL Injection Remote Code Execution Vulnerability ZDI-17-982 Date: 2-21-2019 Exploit Author: credit goes to rgod for finding the bug Version: Quest NetVault Backup Server 11.4.5 CVE : CVE-2017-17417 There is a decent...
The vulnerability of the NVBUPhaseStatus Acknowledge request handler in the software for NetVault Backup’s data archiving and restoration capabilities allows a attacker to execute arbitrary code.
The vulnerability of the NVBUPhaseStatus Acknowledge request handler in software for NetVault Backup’s data archiving and restoration functions is related to insufficient protection of the SQL query structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code...
CVE-2017-17417
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUPhaseStatus Acknowledge method requests. The issue...
Quest NetVault Backup Server Process Manager Service NVBUPhaseStatus Acknowledge Method SQL Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUPhaseStatus Acknowledge method requests. The issue results...
Moderate: Red Hat Security Advisory: python-django security update
An update for python-django is now available for Red Hat OpenStack Platform 9.0 Mitaka. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...