Intel BIOS Guard firmware 安全漏洞

Intel Bios is a basic input-output system used by Intel Corporation USA to perform hardware initialization during the power-on boot phase, as well as firmware that provides runtime services to the operating system. A security vulnerability exists in the Intel BIOS Guard firmware that stems from t...

Intel Wireless Bluetooth 安全漏洞

Intel Wireless Bluetooth is a driver tool from Intel USA that can effectively solve some problems with intel bluetooth in win10 system. A security vulnerability exists prior to Intel Wireless Bluetooth version 23.20, which stems from the presence of an improper condition checking issue. It could...

Intel Quartus Prime 安全漏洞

Intel Quartus Prime is a programmable logic device tool for the design and development of Fpga from Intel Corporation. A security vulnerability exists in Intel Quartus Prime prior to version 23.1 that stems from an improper condition checking issue. It could allow an authenticated user to escalat...

Vulnerability in OpenSSL - Excessive time spent checking DSA keys and parameters

Issue summary : Checking excessively long DSA keys or parameters may be very slow. Impact summary : Applications that use the functions EVPPKEYparamcheck or EVPPKEYpubliccheck to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checke...

Adobe Framemaker 安全漏洞

Adobe Framemaker is the United States of America Odooby Adobe company's set of page layout software for writing and editing large or complex documents including structured documents. A security vulnerability exists in Adobe Framemaker, which is caused by improper boundary checking. An attacker...

Adobe Framemaker 安全漏洞

Adobe Framemaker is the United States of America Odooby Adobe company's set of page layout software for writing and editing large or complex documents including structured documents. A security vulnerability exists in Adobe Framemaker, which is caused by incorrect boundary checking. An attacker...

The vulnerability of the “register_argc_argv” option in the Cacti network monitoring software allows a hacker to execute arbitrary commands.

The vulnerability of the Cacti network monitoring software’s option registerargcargv is related to insufficient checking of arguments passed in commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely by injecting a specially crafted URL address...

Heap-based Buffer Overflow

IBM MQ Appliance 9.3 CD and LTS are vulnerable to a Heap-based Buffer Overflow. The vulnerability is due to improper bounds checking, allowing a remote authenticated attacker to overflow a buffer and execute arbitrary code on the system or cause the server to crash...

PT-2024-33190 · Satellite · Satellite

Name of the Vulnerable Software and Affected Versions: Satellite affected versions not specified Description: A vulnerability was found in Satellite where the host's SSH key is not being checked when running a remote execution job on a host. This is due to the use of "-o StrictHostKeyChecking=no"...

RHEL 6 : kernel (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - kernel: Buffer overflow due to unbounded strcpy in ISDN I4L driver CVE-2017-12762 - kernel: lack of port...

RHEL 7 : libgit2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libgit2: NTFS protections inactive when running Git in the Windows Subsystem for Linux CVE-2020-12279 - A...

RHEL 8 : polkit (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - polkit: Improper handling of user with uid INTMAX leading to authentication bypass CVE-2018-19788 - In...

RHEL 7 : mercurial (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - mercurial: arbitrary command execution in mercurial repo with a git submodule CVE-2017-17458 - The conver...

SQLMC - Check All Urls Of A Domain For SQL Injections

SQLMC SQL Injection Massive Checker is a tool designed to scan a domain for SQL injection vulnerabilities. It crawls the given URL up to a specified depth, checks each link for SQL injection vulnerabilities, and reports its findings. Features Scans a domain for SQL injection vulnerabilities Crawl...

SUSE-SU-2024:1557-3 Security update for rpm

This update for rpm fixes the following issues: Security fixes: - CVE-2021-3521: Fixed missing subkey binding signature checking bsc1191175 Other fixes: - accept more signature subpackets marked as critical bsc1218686 - backport limit support for the autopatch macro bsc1189495...

SUSE-SU-2024:1557-1 Security update for rpm

This update for rpm fixes the following issues: Security fixes: - CVE-2021-3521: Fixed missing subkey binding signature checking bsc1191175 Other fixes: - accept more signature subpackets marked as critical bsc1218686 - backport limit support for the autopatch macro bsc1189495...

MediaTek 芯片 安全漏洞

MediaTek chips are a variety of chips from MediaTek, a Chinese company MediaTek. A security vulnerability exists in the MediaTek chips, which stems from an incorrect state checking issue in the DA module, which may allow privilege bypass...

Coredns: cd bit response is cached and served later

...

Out-of-bounds Read

libfreerdp.so is vulnerable to an out-of-bounds read. This vulnerability is due to inadequate bounds checking in the planarskipplanerle function, leading to potential out-of-bounds reads when processing RLE-encoded data...

Out-of-bounds Read

libfreerdp.so is vulnerable to an out-of-bounds read. The vulnerability is due to inadequate bounds checking in the zgfxdecompresssegment function because the variable count is not checked against StreamGetRemainingLength. This could allow an attacker to potentially access sensitive information o...