7644 matches found
CVE-2023-41280 QTS, QuTS hero, QuTScloud
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions:...
CVE-2024-0675
Vulnerability of improper checking for unusual or exceptional conditions in Lamassu Bitcoin ATM Douro machines, in its 7.1 version, the exploitation of which could allow an attacker with physical access to the ATM to escape kiosk mode, access the underlying Xwindow interface and execute arbitrary...
CVE-2024-0675
Vulnerability of improper checking for unusual or exceptional conditions in Lamassu Bitcoin ATM Douro machines, in its 7.1 version, the exploitation of which could allow an attacker with physical access to the ATM to escape kiosk mode, access the underlying Xwindow interface and execute arbitrary...
Tenda AC10U Stack Buffer Overflow Vulnerability
Tenda AC10U is a wireless router from Tenda China. The Tenda AC10U suffers from a stack buffer overflow vulnerability caused by incorrect bounds checking in the formQuickIndex function. A remote attacker can exploit this vulnerability to cause a buffer overflow and execute arbitrary code on the...
Tenda AC10U Stack Buffer Overflow Vulnerability (CNVD-2024-31493)
Tenda AC10U is a wireless router from Tenda China. The Tenda AC10U suffers from a stack buffer overflow vulnerability that is caused by incorrect boundary checking in the fromNatStaticSetting function. An attacker can exploit this vulnerability to execute arbitrary code on the system...
Tenda AC10U Stack Buffer Overflow Vulnerability (CNVD-2024-31494)
Tenda AC10U is a wireless router from Tenda China. The Tenda AC10U suffers from a stack buffer overflow vulnerability that is caused by incorrect boundary checking in the saveParentControlInfo function. An attacker can exploit this vulnerability to execute arbitrary code on the system...
CLSA-2024-1706546252 Fix of 10 CVEs
CVE-url: https://ubuntu.com/security/CVE-2022-36402 - drm/vmwgfx: Add support for SVGA3dCmdDefineGBSurfacev3 - drm/vmwgfx: Add SM41 flag - drm/vmwgfx: Add CAP2 support in vmwgfx - drm/vmwgfx: Bump version patchlevel and date - drm/vmwgfx: Expose SM41 param to user space - drm/vmwgfx: Update the...
CLSA-2024-1706545934 Fix of 10 CVEs
CVE-url: https://ubuntu.com/security/CVE-2022-36402 - drm/vmwgfx: Add support for SVGA3dCmdDefineGBSurfacev3 - drm/vmwgfx: Add SM41 flag - drm/vmwgfx: Add CAP2 support in vmwgfx - drm/vmwgfx: Bump version patchlevel and date - drm/vmwgfx: Expose SM41 param to user space - drm/vmwgfx: Update the...
Tenda AC10 安全漏洞
Tenda AC10U is a wireless router from Tenda China. The Tenda AC10U suffers from a stack buffer overflow vulnerability that is caused by incorrect boundary checking in the saveParentControlInfo function. An attacker can exploit this vulnerability to execute arbitrary code on the system...
The vulnerability of cloud software for creating and using Nextcloud Server’s data storage system lies in insufficiently checking incoming requests, allowing attackers to execute SSRF attacks.
The vulnerability of cloud software for creating and using Nextcloud Server storage solutions is related to insufficient checking of incoming requests. Exploiting this vulnerability can allow a malicious actor to execute an SSRF attack remotely...
php: phar Buffer mismanagement
A flaw was found in PHP that can lead to a buffer overflow and a stack information leak due to improper bounds checking within the phardirread function. This issue may allow an attacker to initiate memory corruption by compelling the application to open a specially crafted .phar archive, allowing...
Huawei HarmonyOS and EMUI WMS Module Privilege Checking Not Strict Vulnerability
Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scenario distributed operating system based on a microkernel.Huawei EMUI is a user interface developed by Huawei based on the Android operating system. Huawei HarmonyOS and EMUI WMS module have a privilege...
Shelly TRV Security Vulnerability
Shelly TRV is a Wi-Fi connected radiator thermostat from Shelly. A security vulnerability exists in Shelly TRV version 20220811-152343 v2.1.8, which stems from a lack of integrity checking and allows a malicious user to create a backdoor via redirection...
The vulnerability of the Demon Routing Protocol Daemon (RPD) in Juniper Networks’ Junos OS and Junos OS Evolved operating systems allows a attacker to cause a service failure.
The vulnerability of the Demon Routing Protocol Daemon RPD in Juniper Networks’ Junos OS and Junos OS Evolved operating systems is related to insufficient checking of exceptional states. Exploiting this vulnerability can allow a malicious actor to cause service failures by sending specially craft...
Web3 – Crypto wallet Login & NFT token gating < 3.0.0 - Authentication Bypass
Description The plugin is vulnerable to an authentication bypass due to incorrect authentication checking in the login flow in functions 'handleauthrequest' and 'hadleloginrequest'. This makes it possible for non authenticated attackers to log in as any existing user on the site, such as an...
EulerOS 2.0 SP10 : shim (EulerOS-SA-2024-1074)
According to the versions of the shim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary...
Juniper Networks Junos OS and Junos OS Evolved Code Issue Vulnerability
Juniper Networks Junos OS and Juniper Networks Junos OS Evolved are both products of Juniper Networks, Inc.Juniper Networks Junos OS is a network operating system designed for use with the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK...
Siemens SCALANCE OpenSSL Out-of-bounds Read (CVE-2022-4203)
A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate...
CVE-2023-32401
A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.6.6, macOS Big Sur 11.7.7, macOS Ventura 13.4. Parsing an office document may lead to an unexpected app termination or arbitrary code execution...
Buffer overflow
A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.6.6, macOS Big Sur 11.7.7, macOS Ventura 13.4. Parsing an office document may lead to an unexpected app termination or arbitrary code execution...