CVE-2023-44175 Junos OS and Junos OS Evolved: Receipt of a specific genuine PIM packet causes RPD crash

A Reachable Assertion vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows to send specific genuine PIM packets to the device resulting in rpd to crash causing a Denial of Service DoS. Continued receipt and processing of this packet will create...

CVE-2023-44175

CVE-2023-44175 affects Junos OS and Junos OS Evolved. A Reachable Assertion in the routing protocol daemon (rpd) can be triggered by specific genuine PIM packets, causing rpd to crash and leading to a Denial of Service. The impact is a sustained DoS, with exploitation described as dependent on re...

CLSA-2023-1697135256 glib2: Fix of 5 CVEs

CVE-2023-29499: Fix GVariant offset table entry size which is not checked in isnormal - CVE-2023-32611: Fix an issue where gvariantbyteswap can take a long time with some non-normal inputs - CVE-2023-32665: Fix GVariant deserialisation which does not match spec for non-normal data -...

mariadb: assertion failure at table->get_ref_count() == 0 in dict0dict.cc

MariaDB v10.5 to v10.7 was discovered to contain an assertion failure at table-getrefcount == 0 in dict0dict.cc...

mariadb: assertion failure at table->get_ref_count() == 0 in dict0dict.cc

MariaDB v10.5 to v10.7 was discovered to contain an assertion failure at table-getrefcount == 0 in dict0dict.cc...

RHEL 8 : mariadb:10.5 (RHSA-2023:5683)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5683 advisory. MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded ...

Important: mariadb:10.5 security update

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: galera 26.4.14, mariadb 10.5.22. Security Fixes: mariadb: node crashes with Transport endpoint is not connected mysqld got signa...

Fedora 37 : bind / bind-dyndb-ldap (2023-87502c4a93)

The remote Fedora 37 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-87502c4a93 advisory. BIND 9.18.19 Security Fixes - Previously, sending a specially crafted message over the control channel could cause the packet- parsing code to run o...

Denial Of Service (DoS)

libpoppler.so is vulnerable to Denial of Service DoS. The vulnerability is due to a reachable assertion in the markObject function which allows an attacker to craft a malicious PDF file that will cause Poppler to crash...

Fortinet FortiOS Cross-Site Scripting Vulnerability

Fortinet FortiOS is a set of security operating system dedicated to FortiGate network security platform from American Fita Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering, and antispam security features. A security vulnerability exists in Fortinet...

Zephyr Buffer Error Vulnerability

Zephyr is an extensible real-time operating system RTOS open-sourced by the Zephyr Project. A security vulnerability exists in Zephyr that stems from an assertion and stack-based buffer overflow in subsys/canbus/isotp/isotp.c. The vulnerability is caused by the presence of an assertion and a...

SUSE CVE-2023-38470

A vulnerability was found in Avahi. A reachable assertion exists in the avahiescapelabel function...

USN-6413-1 binutils vulnerabilities

It was discovered that GNU binutils was not properly performing checks when dealing with memory allocation operations, which could lead to excessive memory consumption. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS. CVE-2017-1712...

Ubuntu 16.04 ESM / 18.04 ESM : GNU binutils vulnerabilities (USN-6413-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6413-1 advisory. It was discovered that GNU binutils was not properly performing checks when dealing with memory allocation operations, which could lead to...

CVE-2023-24843 Reachable Assertion in Modem

Transient DOS in Modem while triggering a camping on an 5G cell...

CVE-2023-24843 Reachable Assertion in Modem

Transient DOS in Modem while triggering a camping on an 5G cell...

GLSA-202310-02 : NVIDIA Drivers: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202310-02 NVIDIA Drivers: Multiple Vulnerabilities - NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer nvlddmkm.sys handler for DxgkDdiEscape or IOCTL in which user-mo...

CVE-2023-32820

In wlan firmware, there is a possible firmware assertion due to improper input handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07932637; Issue ID: ALPS07932637...

CVE-2023-32820

In wlan firmware, there is a possible firmware assertion due to improper input handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07932637; Issue ID: ALPS07932637...

Input validation

In wlan firmware, there is a possible firmware assertion due to improper input handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07932637; Issue ID: ALPS07932637...