USN-6160-1: GNU binutils vulnerability

It was discovered that GNU binutils incorrectly performed bounds checking operations when parsing stabs debugging information. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code...

USN-6160-1 binutils vulnerability

It was discovered that GNU binutils incorrectly performed bounds checking operations when parsing stabs debugging information. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code...

CVE-2023-31439

An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security...

CVE-2023-3050

Reliance on Cookies without Validation and Integrity Checking in a Security Decision vulnerability in TMT Lockcell allows Privilege Abuse, Authentication Bypass. This issue affects Lockcell: before 15...

Design/Logic Flaw

Reliance on Cookies without Validation and Integrity Checking in a Security Decision vulnerability in TMT Lockcell allows Privilege Abuse, Authentication Bypass.This issue affects Lockcell: before 15...

CVE-2023-3050

Summary: CVE-2023-3050 affects TMT Lockcell prior to version 15, due to reliance on cookies without validation or integrity checking in security decisions, allowing privilege abuse and authentication bypass. Affected product: Lockcell (TMT Lockcell) prior to v15. Vulnerability details (from provi...

The vulnerability of the Routing Protocol Demon (rpd) in Juniper Networks’ Junos OS and Junos OS Evolved operating systems allows a attacker to cause a service failure.

The vulnerability of the Routing Protocol Data rpd in Juniper Networks’ Junos OS and Junos OS Evolved operating systems is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

dottie 安全漏洞

dottie is an application from Mick Hansen's personal developer that makes it easy to find nested keys. A security vulnerability exists in versions prior to dottie 2.0.4, which stems from inadequate checking and vulnerability to prototype contamination...

The _poolId and _id values are not within the expected range and not performing appropriate bounds checking in the VAULTPROXY contract

Lines of code Vulnerability details Impact When the poolId and id values are not within the expected range and appropriate bounds checking is not performed in the contract, it can result in high risk and vulnerabilities. Here are some potential risks and vulnerabilities that can arise: 1. Invalid...

EulerOS 2.0 SP5 : openssl (EulerOS-SA-2023-2161)

According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The public API function BIOnewNDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to...

EulerOS Virtualization 2.11.1 : shim (EulerOS-SA-2023-2077)

According to the versions of the shim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were pars...

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2023-2127)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-33226

Memory corruption due to buffer copy without checking the size of input in Core while processing ioctl commands from diag client applications...

CVE-2023-21628 Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in WLAN HAL

Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command...

CVE-2022-33224

CVE-2022-33224 describes memory corruption in a Qualcomm core component caused by a buffer copy that does not check input size when processing ioctl queries. Connected sources identify the vulnerability as affecting a Qualcomm closed-source component and corroborate the issue as core memory corru...

SQL injection when using MySQL/PostgreSQL data checking

An SQL injection issue was discovered in EaseProbe before 2.1.0 when using MySQL/PostgreSQL data checking. This problem has been fixed in v2.1.0; users should upgrade to this version. The vulnerability was discovered by the Oxeye research team...

GHSA-4C32-W6C7-77X4 SQL injection when using MySQL/PostgreSQL data checking

An SQL injection issue was discovered in EaseProbe before 2.1.0 when using MySQL/PostgreSQL data checking. This problem has been fixed in v2.1.0; users should upgrade to this version. The vulnerability was discovered by the Oxeye research team...

MediaTek 芯片 缓冲区错误漏洞

MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in the wlan module of the MediaTek chips, which is caused by a lack of boundary checking and may result in out-of-bounds writes...

Unisoc Chipsets 安全漏洞

UNISOC Chipsets are chipsets from China's Zilight Spreadtrum UNISOC. A security vulnerability exists in some Unisoc Chipsets, which stems from a lack of privilege checking. An attacker could exploit this vulnerability to cause a denial of service. The following chipsets are affected: SC9863A,...

Unisoc Chipsets 安全漏洞

UNISOC Chipsets is a chipset from China's Unisoc Corporation UNISOC. A security vulnerability exists in Unisoc Chipsets that stems from a lack of privilege checking, which could lead to local privilege escalation without additional executive privileges...