2748 matches found
PT-2024-33146 · Unknown · Cloud Smart Lock
Name of the Vulnerable Software and Affected Versions: Cloud Smart Lock version 2.0.1 Description: The issue concerns a leaked URL in the APK file that can be used to call an API for binding physical devices. This allows attackers to construct requests to bind the app to unknown devices by findin...
CVE-2024-48548
The APK file in Cloud Smart Lock v2.0.1 has a leaked a URL that can call an API for binding physical devices. This vulnerability allows attackers to arbitrarily construct a request to use the app to bind to unknown devices by finding a valid serial number via a bruteforce attack...
SUSE CVE-2022-49021
In the Linux kernel, the following vulnerability has been resolved: net: phy: fix null-ptr-deref while probe failed I got a null-ptr-deref report as following when doing fault injection test: BUG: kernel NULL pointer dereference, address: 0000000000000058 Oops: 0000 1 PREEMPT SMP KASAN PTI CPU: 1...
UBUNTU-CVE-2022-49021
In the Linux kernel, the following vulnerability has been resolved: net: phy: fix null-ptr-deref while probe failed I got a null-ptr-deref report as following when doing fault injection test: BUG: kernel NULL pointer dereference, address: 0000000000000058 Oops: 0000 1 PREEMPT SMP KASAN PTI CPU: 1...
Security update for cups-filters
This update for cups-filters fixes the following issues: cups-browsed would bind on UDP INADDRANY:631 and trust any packet from any source to trigger a Get-Printer-Attributes IPP request to an attacker controlled URL. This patch removes support for the legacy CUPS and LDAP protocols, the previous...
Malicious code in binding-rose-ox (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-9519 Malicious code in binding-rose-ox (npm)
--- -= Per source details. Do not edit below this line.=-...
CVE-2024-49384
Excessive attack surface in acep-collector service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 Linux, Windows before build 38690...
CVE-2024-49383
Excessive attack surface in acep-importer service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 Linux, Windows before build 38690...
CVE-2024-49382
The CVE-2024-49382 issue affects Acronis Cyber Protect 16 (Linux and Windows) prior to build 38690. The archive-server service binds to an unrestricted IP address, creating an excessive attack surface due to exposure. A confirmed remediation is to update to build 38690 or later; PT Security also ...
CVE-2024-49382
Excessive attack surface in archive-server service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 Linux, Windows before build 38690...
PT-2024-33497 · Acronis · Acronis Cyber Protect
Name of the Vulnerable Software and Affected Versions: Acronis Cyber Protect 16 versions prior to build 38690 Description: The issue is related to an excessive attack surface in the acep-importer service due to binding to an unrestricted IP address. This could potentially lead to system compromis...
PT-2024-33496 · Acronis · Acronis Cyber Protect 16
Name of the Vulnerable Software and Affected Versions: Acronis Cyber Protect 16 versions prior to build 38690 Description: The archive-server service in Acronis Cyber Protect 16 has an excessive attack surface due to binding to an unrestricted IP address. This issue affects Acronis Cyber Protect ...
PT-2024-33498 · Acronis · Acronis Cyber Protect
Name of the Vulnerable Software and Affected Versions: Acronis Cyber Protect 16 versions prior to build 38690 Description: The issue is related to an excessive attack surface in the acep-collector service due to binding to an unrestricted IP address. Recommendations: For Acronis Cyber Protect 16...
Medium: cups-filters
Issue Overview: CUPS is a standards-based, open-source printing system, and libcupsfilters contains the code of the filters of the former cups-filters package as library functions to be used for the data format conversion tasks needed in Printer Applications. The cfGetPrinterAttributes5 function ...
OESA-2024-2246 cups-filters security update
This project provides backends, filters, and other software that was once part of the core CUPS distribution but is no longer maintained by Apple Inc. In addition it contains additional filters and software developed independently of Apple, especially filters for the PDF-centric printing workflow...
PyO3 安全漏洞
PyO3 is a Rust binding for the Python interpreter open-sourced by PyO3. A security vulnerability exists in PyO3 that stems from the presence of a post-release reuse issue that could lead to memory corruption or a crash...
CVE-2024-46795
...
Vulnerabilities in the OpenPrinting Common Unix Printing System (CUPS) on Linux systems (CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, CVE-2024-47177)
OpenPrinting CUPS is the most current version of CUPS, a standards-based, open source printing system for Linux® and other Unix®-like operating systems. Several security vulnerabilities have been disclosed in the OpenPrinting Common Unix Printing System CUPS on Linux systems that could permit...
cups-browsed: cups-browsed binds on UDP INADDR_ANY:631 trusting any packet from any source
A security issue has been identified in OpenPrinting CUPS. The function ppdCreatePPDFromIPP2 in the libppd library is responsible for generating a PostScript Printer Description PPD file based on attributes retrieved from an Internet Printing Protocol IPP response. Essentially, it takes printer...