7652 matches found
Juniper Networks Junos OS 代码问题漏洞
Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. A security vulnerability exists in Juniper Networks Junos OS, Junos OS Evolved, which results in a denial of...
Security Bulletin: Speech to Text, Text to Speech ICP, WebSphere Application Server Liberty Fix
Summary An information disclosure in WebSphere Application Server - Liberty Medium CVE-2020-4329 has been fixed in WebSphere Application Server Liberty 20.0.0.5, included in ICP WatsonTexttoSpeech and Speech to Text v1.1.2 GA: 6/19/20. Vulnerability Details CVEID:CVE-2020-4329 DESCRIPTION: IBM...
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a heap-based buffer overflow in Vim (CVE-2022-1621)
Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a heap-based buffer overflow in Vim CVE-2022-1621 caused by improper bounds checking in the vimstrncpy findword component. Vim is used as part of the base image included in our service components. Please read...
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a heap-based buffer overflow in libssh, caused by improper bounds checking.(CVE-2021-3634).
Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a heap-based buffer overflow in libssh, caused by improper bounds checking CVE-2021-3634. Libssh, included in RedHat, is used in the base operating system by IBM Watson Speech. Please read the details for...
RUSTSEC-2023-0002 git2 Rust package suppresses ssh host key checking
By default, when accessing an ssh repository ie via an ssh: git repository url the git2 Rust package does not do any host key checking. Additionally, the provided API is not sufficient for a an application to do meaningful checking itself. Impact When connecting to an ssh repository, and when an...
Huawei EulerOS: Security Advisory for cups (EulerOS-SA-2023-1185)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2022-4499 The strcmp function in TP-Link routers, Archer C5 and WR710N-V1, used for checking credentials in httpd, is susceptible to a side-channel attack.
TP-Link routers, Archer C5 and WR710N-V1, using the latest software, the strcmp function used for checking credentials in httpd, is susceptible to a side-channel attack. By measuring the response time of the httpd process, an attacker could guess each byte of the username and password...
CVE-2021-26402
Insufficient bounds checking in ASP AMD Secure Processor firmware while handling BIOS mailbox commands, may allow an attacker to write partially-controlled data out-of-bounds to SMM or SEV-ES regions which may lead to a potential loss of integrity and availability...
CVE-2021-26409
Insufficient bounds checking in SEV-ES may allow an attacker to corrupt Reverse Map table RMP memory, potentially resulting in a loss of SNP Secure Nested Paging memory integrity...
CVE-2021-26404
Improper input validation and bounds checking in SEV firmware may leak scratch buffer bytes leading to potential information disclosure...
Out-of-bounds
Insufficient bounds checking in SEV-ES may allow an attacker to corrupt Reverse Map table RMP memory, potentially resulting in a loss of SNP Secure Nested Paging memory integrity...
Input validation
Improper input validation and bounds checking in SEV firmware may leak scratch buffer bytes leading to potential information disclosure...
AMD System Management Unit(SMU) 缓冲区错误漏洞
The AMD System Management Unit SMU is a system management unit at UltraMicroelectronics AMD. A security vulnerability exists in the AMD System Management Unit SMU that stems from insufficient bind checking and could allow an attacker to update the sender/receiver address space to an invalid value...
CVE-2021-26409
Insufficient bounds checking in SEV-ES may allow an attacker to corrupt Reverse Map table RMP memory, potentially resulting in a loss of SNP Secure Nested Paging memory integrity...
CVE-2021-26409
CVE-2021-26409 affects AMD SEV-ES, where insufficient bounds checking can corrupt the Reverse Map (RMP) memory, potentially compromising SNP memory integrity. Public references identify AMD SEV-ES-related memory integrity risk; mitigation guidance is distributed via AMD’s PSU/AGS updates (AMD-SB-...
CVE-2021-26404
Improper input validation and bounds checking in SEV firmware may leak scratch buffer bytes leading to potential information disclosure...
CVE-2021-26404
Improper input validation and bounds checking in SEV firmware may leak scratch buffer bytes leading to potential information disclosure...
CVE-2021-26404
CVE-2021-26404 affects AMD SEV firmware; root cause is improper input validation and bounds checking that may leak scratch buffer bytes, potentially leading to information disclosure. Documents indicate mitigations via AMD’s BIOS updates (AMD-SB-1032) with platform-specific versions (e.g., MilanP...
CVE-2021-26402
Insufficient bounds checking in ASP AMD Secure Processor firmware while handling BIOS mailbox commands, may allow an attacker to write partially-controlled data out-of-bounds to SMM or SEV-ES regions which may lead to a potential loss of integrity and availability...
CVE-2021-26402
CVE-2021-26402 describes insufficient bounds checking in the AMD Secure Processor (ASP) firmware during BIOS mailbox handling, enabling an attacker to write partially controlled data out-of-bounds into SMM or SEV-ES regions and potentially compromise integrity and availability. The issue is discu...