CVE-2026-45676 OpenTelemetry eBPF Instrumentation: Unsafe fastelf parsing allows malformed ELF to crash agent

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, OBI's replacement ELF parser trusts section offsets, counts, and string offsets from the executable file. A crafted local ELF can make OBI dereference invalid section...

CVE-2024-43424

Sharp and Toshiba Tec MFPs improperly process HTTP request headers, resulting in an Out-of-bounds Read vulnerability. Crafted HTTP requests may cause affected products crashed...

CVE-2024-43424

CVE-2024-43424 affects Sharp and Toshiba Tec MFPs. The vulnerability arises from improper processing of HTTP request headers, leading to an out-of-bounds read. This can cause crafted HTTP requests to crash affected products. Documents indicate remediation via firmware updates from the vendors, an...

CVE-2024-42420

Sharp and Toshiba Tec MFPs contain multiple Out-of-bounds Read vulnerabilities, due to improper processing of keyword search input and improper processing of SOAP messages. Crafted HTTP requests may cause affected products crashed...

CVE-2022-48785

In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: use rcu-safe version of ipv6getlladdr Some time ago 8965779d2c0e "ipv6,mcast: always hold idev-lock before mcalock" switched ipv6getlladdr to ipv6getlladdr, which is rcu-unsafe version. That was OK, because idev-lock...

CVE-2023-41779 Illegal Memory Access Vulnerability of ZTE's ZXCLOUD iRAI

There is an illegal memory access vulnerability of ZTE's ZXCLOUD iRAI product.When the vulnerability is exploited by an attacker with the common user permission, the physical machine will be crashed...

CVE-2023-41779 Illegal Memory Access Vulnerability of ZTE's ZXCLOUD iRAI

There is an illegal memory access vulnerability of ZTE's ZXCLOUD iRAI product.When the vulnerability is exploited by an attacker with the common user permission, the physical machine will be crashed...

Moderate: Red Hat Security Advisory: avahi security update

An update for avahi is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

SUSE CVE-2020-14852

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Charsets. Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

Important: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...

gdm bug fix and enhancement update

The GNOME Display Manager GDM provides the graphical login screen. The screen is shown shortly after boot, after log out, and when switching the current user. Bug Fixes and Enhancements: gdm crashed in ensuredisplayforseat, can't login to the GUI BZ2036584...

Cobian Backup 11 Gravity 11.2.0.582 Denial Of Service

Exploit Title: Cobian Backup 11 Gravity 11.2.0.582 - 'Password' Denial of Service PoC Discovery by: Luis Martinez Discovery Date: 2022-02-16 Vendor Homepage: https://www.cobiansoft.com/ Software Link: https://files.cobiansoft.com/programs/cbSetup.exe Tested Version: 11.2.0.582 Vulnerability Type:...

Telegram Desktop 2.9.2 - Denial of Service Exploit

Exploit Title: Telegram Desktop 2.9.2 - Denial of Service PoC Exploit Author: Aryan Chehreghani Vendor Homepage: https://telegram.org Software Link: https://telegram.org/dl/desktop/win64 Tested Version: 2.9.2 x64 Tested on OS: Windows 10 Enterprise About App Telegram is a messaging app with a foc...

Telegram Desktop 2.9.2 - Denial of Service (PoC)

Exploit Title: Telegram Desktop 2.9.2 - Denial of Service PoC Exploit Author: Aryan Chehreghani Date: 2021-08-30 Vendor Homepage: https://telegram.org Software Link: https://telegram.org/dl/desktop/win64 Tested Version: 2.9.2 x64 Tested on OS: Windows 10 Enterprise About App Telegram is a messagi...

PT-2020-3489 · Canonical +1 · Apport +2

Name of the Vulnerable Software and Affected Versions: apport versions prior to 2.20.1-0ubuntu2.24 apport versions 2.20.9 prior to 2.20.9-0ubuntu7.16 apport versions 2.20.11 prior to 2.20.11-0ubuntu27.6 Description: The issue exists due to insufficient checking of a shared resource's state in the...

Calavera UpLoader 3.5 - (FTP Logi) Denial of Service (PoC + SEH Overwrite) Exploit

Exploit Title: Calavera UpLoader 3.5 - 'FTP Logi' Denial of Service PoC + SEH Overwrite Author: Felipe Winsnes Software Link: https://www.exploit-db.com/apps/463c9e7fe9a39888d3c01bc9ad756bba-UpSetup.exe Version: 3.5 Tested on: Windows 7 x86 Blog: https://whitecr0wz.github.io/ Sadly enough, this...

SUSE SLES12 Security Update : xen (SUSE-SU-2020:1630-1)

This update for xen fixes the following issues : CVE-2020-0543: Fixed a side channel attack against special registers which could have resulted in leaking of read values to cores other than the one which called it. This attack is known as Special Register Buffer Data Sampling SRBDS or 'CrossTalk'...

openSUSE Security Update : xen (openSUSE-2020-599)

This update for xen fixes the following issues : Security issues fixed : - CVE-2020-11742: Bad continuation handling in GNTTABOPcopy bsc1169392. - CVE-2020-11740, CVE-2020-11741: xen: XSA-313 multiple xenoprof issues bsc1168140. - CVE-2020-11739: Missing memory barriers in read-write unlock paths...

SUSE SLES12 Security Update : xen (SUSE-SU-2020:1138-1)

This update for xen fixes the following issues : Security issues fixed : CVE-2020-11742: Bad continuation handling in GNTTABOPcopy bsc1169392. CVE-2020-11740, CVE-2020-11741: xen: XSA-313 multiple xenoprof issues bsc1168140. CVE-2020-11739: Missing memory barriers in read-write unlock paths...

AbsoluteTelnet 11.12 - _license name_ Denial of Service (PoC)

AbsoluteTelnet 11.12 - license name Denial of Service PoC Exploit Title: AbsoluteTelnet 11.12 - "license name" Denial of Service PoC Discovery by: chuyreds Discovery Date: 2020-02-05 Vendor Homepage: https://www.celestialsoftware.net/ Software Link :...