Google Pixel Buffer Error Vulnerability

Google Pixel is a smartphone from Google Inc USA. Google Pixel suffers from a security vulnerability that stems from a lack of bounds checking in the TBD component and a possible stack buffer overflow. This could lead to remote code execution without additional execution privileges...

Google Pixel Buffer Error Vulnerability

Google Pixel is a smartphone from Google, Inc. in the United States. Google Pixel suffers from a security vulnerability that stems from the lack of bounds checking in the ProfSixDecomTcpSACKoption method of RohcPacketCommon.cpp, which could result in out-of-bounds reads. This could lead to remote...

Huawei EulerOS: Security Advisory for libX11 (EulerOS-SA-2023-2938)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 37 Update: exim-4.96.1-1.fc37

Exim is a message transfer agent MTA developed at the University of Cambridge for use on Unix systems connected to the Internet. It is freely available under the terms of the GNU General Public Licence. In style it is similar to Smail 3, but its facilities are more general. There is a great deal ...

D-Link DIR-823G Type Parameter Buffer Overflow Vulnerability

The D-Link DIR-823G is a wireless router from China's AUO D-Link. A buffer overflow vulnerability exists in the D-Link DIR-823G Type parameter due to incorrect boundary checking in the SetWLanRadioSettings function. An attacker could exploit the vulnerability to cause a denial of service...

D-Link DIR-823G Encryption Parameter Buffer Overflow Vulnerability

The D-Link DIR-823G is a wireless router from China's AUO D-Link. A buffer overflow vulnerability exists in the D-Link DIR-823G Encryption parameter due to incorrect bounds checking in the SetWLanRadioSecurity function, which can be exploited by an attacker to cause a denial of service...

D-Link DIR-823G Mac Parameter Buffer Overflow Vulnerability

The D-Link DIR-823G is a wireless router from China's AUO D-Link. A buffer overflow vulnerability exists in the D-Link DIR-823G Mac parameter due to incorrect boundary checking in the SetParentsControlInfo function, which can be exploited by an attacker to cause a denial of service...

D-Link DIR-823G GuardInt Parameter Buffer Overflow Vulnerability

The D-Link DIR-823G is a wireless router from China's AUO D-Link. A buffer overflow vulnerability exists in the D-Link DIR-823G GuardInt parameter due to incorrect bounds checking in the SetWLanRadioSettings function, which can be exploited by an attacker to cause a denial of service attack...

UNISOC Chipsets Security Vulnerability

UNISOC Chipsets is a chipset from China's Purple Spreadtrum UNISOC. A security vulnerability exists in UNISOC Chipsets, which stems from a lack of privilege checking in Telecom. An attacker could exploit this vulnerability to cause a denial of service...

D-Link DIR-823G 安全漏洞

The D-Link DIR-823G is a wireless router from China's AUO D-Link. A buffer overflow vulnerability exists in the D-Link DIR-823G TXPower parameter due to incorrect boundary checking in the SetWLanRadioSettings function. An attacker could exploit this vulnerability to cause a denial of service...

D-Link DIR-823G 安全漏洞

The D-Link DIR-823G is a wireless router from China's AUO D-Link. A buffer overflow vulnerability exists in the D-Link DIR-823G SSID parameter due to incorrect boundary checking in the SetWLanRadioSettings function. An attacker could exploit this vulnerability to cause a denial of service...

WatchGuard EPDR Security Vulnerability

WatchGuard EPDR is an application from WatchGuard USA, Inc. prevents, detects and responds to any type of known and unknown malware as well as fileless and malware-free attacks. A security vulnerability exists in WatchGuard EPDR version 8.0.21.0002, which stems from a weak implementation of...

Security Bulletin: Vulnerability in Apache Jena-arq library affects IBM Engineering Lifecycle Optimization - Publishing

Summary IBM Engineering Lifecycle Optimization - Publishing is vulnerable to a remote attack due to Apache Jena-arq Vulnerability Details CVEID:CVE-2023-22665 DESCRIPTION: Apache Jena could allow a remote attacker to execute arbitrary code on the system, caused by improper checking of user querie...

Security Bulletin: Multiple vulnerabilities in OpenSSL affects IBM Rational ClearCase.

Summary OpenSSL vulnerabilities were disclosed by the OpenSSL Project. OpenSSL is used by IBM Rational ClearCase. CVE-2023-0466, CVE-2023-0465, CVE-2023-0464, CVE-2023-2650 Vulnerability Details CVEID:CVE-2023-0466 DESCRIPTION: OpenSSL could allow a remote attacker to bypass security restrictions...

CVE-2023-33028 Buffer Copy without Checking Size of Input in WLAN Firmware

Memory corruption in WLAN Firmware while doing a memory copy of pmk cache...

DTS Monitoring Operating System Command Injection Vulnerability

DTS Monitoring is an information system monitoring platform from DTS Corporation. An operating system command injection vulnerability exists in DTS Monitoring version 3.57.0, which originates from the port parameter in the SSL certificate checking function being susceptible to operating system...

MediaTek Chip Buffer Error Vulnerability

MediaTek chips are a variety of chips from MediaTek, a company owned by MediaTek of China. A buffer error vulnerability exists in the MediaTek chips, which stems from a lack of boundary checking in the CDMA PPP protocol module, which could result in out-of-bounds writes...

MediaTek Chip Input Validation Error Vulnerability

MediaTek chips are a variety of chips from MediaTek, a Chinese company MediaTek. An input validation error vulnerability exists in the MediaTek chips, which stems from a lack of bounds checking in the rpmb module, which may result in memory corruption...

MGASA-2023-0273 Updated quictls packages fix security vulnerabilities

The updated packages fix security vulnerabilities: AES-SIV implementation ignores empty associated data entries. CVE-2023-2975 Excessive time spent checking DH keys and parameters. CVE-2023-3446 Excessive time spent checking DH q parameter value. CVE-2023-3817...

ABB RTU500 Series, AFS series and M2M Gateway Type Confusion in embedded OpenSSL (CVE-2023-0286)

A vulnerability exists in the OpenSSL that affects the RTU500 Series product versions listed below. RTU500 series CMU Firmware versions 12.0.1 – 12.0.15 12.2.1 – 12.2.12 12.4.1 – 12.4.12 12.6.1 – 12.6.9 12.7.1 – 12.7.6 13.2.1 – 13.2.6 13.3.1 – 13.3.3 13.4.2 M2M Gateway ARM600:...