CVE-2024-53207 Bluetooth: MGMT: Fix possible deadlocks

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix possible deadlocks This fixes possible deadlocks like the following caused by hcicmdsyncdequeue causing the destroy function to run: INFO: task kworker/u19:0:143 blocked for more than 120 seconds. Tainted: G ...

The vulnerability of the msp_info_htm function in D-Link DI-8400 router microprogramming software allows a hacker to execute arbitrary commands.

The vulnerability of the mspinfohtm function in D-Link DI-8400 router microprogramming software is related to the lack of measures taken to neutralize special elements used in commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands when processing the flag a...

CVE-2024-51151

D-Link DI-8200 16.07.26A1 is vulnerable to remote command execution in the mspinfohtm function via the flag parameter and cmd parameter...

D-Link DI-8200 安全漏洞

The D-Link DI-8200 is an enterprise router from China-based AUO D-Link. The D-Link DI-8200 suffers from a command injection vulnerability that stems from a remote command execution vulnerability in the flag parameter and cmd parameter of the mspinfohtm function. No details of the vulnerability ar...

CVE-2024-52739

D-LINK DI-8400 v16.07.26A1 was discovered to contain multiple remote command execution RCE vulnerabilities in the mspinfohtm function via the flag and cmd parameters...

CVE-2024-52739

D-LINK DI-8400 v16.07.26A1 was discovered to contain multiple remote command execution RCE vulnerabilities in the mspinfohtm function via the flag and cmd parameters...

CVE-2024-51151

D-Link DI-8200 16.07.26A1 is vulnerable to remote command execution in the mspinfohtm function via the flag parameter and cmd parameter...

CVE-2024-51151

D-Link DI-8200 16.07.26A1 is vulnerable to remote command execution in the mspinfohtm function via the flag parameter and cmd parameter...

CVE-2024-52739

D-LINK DI-8400 v16.07.26A1 was discovered to contain multiple remote command execution RCE vulnerabilities in the mspinfohtm function via the flag and cmd parameters...

CVE-2024-52739

D-LINK DI-8400 v16.07.26A1 was discovered to contain multiple remote command execution RCE vulnerabilities in the mspinfohtm function via the flag and cmd parameters...

CVE-2024-51151

CVE-2024-51151 affects the D-Link DI-8200 with firmware 16.07.26A1. The vulnerability is a remote command execution in the msp_info_htm function, exploitable via the flag parameter and the cmd parameter. The connected documents consistently describe this issue as a command injection/remotely expl...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an out-of-bounds issue in the ucsiccgupdatesetnewcamcmd function...

ESET NOD32 Antivirus 18.0.12.0 Unquoted Service Path

Exploit Title: ESET NOD32 Antivirus 18.0.12.0 - "ESET Service" Unquoted Service Path Exploit Author: Milad Karimi Ex3ptionaL Exploit Date: 2024-11-02 Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL MiRROR-H: https://mirror-h.org/search/hacker/49626/ Vendor :...

CVE-2024-48200

An issue in MobaXterm v24.2 allows a local attacker to escalate privileges and execute arbitrary code via the remove function of the MobaXterm MSI is spawning one Administrative cmd conhost.exe...

CVE-2024-48200

An issue in MobaXterm v24.2 allows a local attacker to escalate privileges and execute arbitrary code via the remove function of the MobaXterm MSI is spawning one Administrative cmd conhost.exe...

PT-2024-16133 · Mattermost +2 · Mattermost +2

Name of the Vulnerable Software and Affected Versions: Mattermost versions 9.5.x through 9.5.9 Description: The issue arises when ElasticSearch is enabled, and Mattermost fails to properly filter channel data. This allows a user to obtain private channel names by using the cmd+K/ctrl+K shortcut...

PT-2024-32344 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a possible stack variable use after free in the ufshc scsi cmd function of ufs.c. This could lead to local escalation of privilege with no additional execution...

CVE-2024-10195

A vulnerability was found in Tecno 4G Portable WiFi TR118 V008-20220830. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /goform/goformgetcmdprocess of the component SMS Check. The manipulation of the argument orderby leads to sql injection...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-46689)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46689 advisory. - In the Linux kernel, the following vulnerability has been resolved: soc: qcom: cmd-db: Map shared memory as...

SUSE CVE-2024-47661

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid overflow from uint32t to uint8t WHAT & HOW dmubrbcmd's rampingboundary has size of uint8t and it is assigned 0xFFFF. Fix it by changing it to uint8t with value of 0xFF. This fixes 2 INTEGEROVERFLOW issues...