79 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-0520
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An elevation of privilege vulnerability in the Qualcomm crypto engine driver could enable a local malicious application to execute arbitrary code within the...
ROS-20241101-02
A vulnerability in the vmxnet3 component of the Linux operating system kernel is related to resource management errors in the vmxnet3processxdp function in drivers/net/vmxnet3/vmxnet3xdp.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in t...
UBUNTU-CVE-2024-47732
In the Linux kernel, the following vulnerability has been resolved: crypto: iaa - Fix potential use after free bug The freedevicecompressionmodeiaadevice, devicemode function frees "devicemode" but it iss passed to iaacompressionmodesi-free a few lines later resulting in a use after free. The goo...
DEBIAN-CVE-2024-43874
In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix null pointer dereference in sevsnpshutdownlocked Fix a null pointer dereference induced by DEBUGTESTDRIVERREMOVE. Return from sevsnpshutdownlocked if the pspdevice or the sevdevice structs are not initialized...
crypto: sun8i-ce - Fix use after free in unprepare
...
SUSE CVE-2024-27061
In the Linux kernel, the following vulnerability has been resolved: crypto: sun8i-ce - Fix use after free in unprepare sun8icecipherunprepare should be called before cryptofinalizeskcipherrequest, because client callbacks may immediately free memory, that isn't needed anymore. But it will be used...
CVE-2024-27061
In the Linux kernel, the following vulnerability has been resolved: crypto: sun8i-ce - Fix use after free in unprepare sun8icecipherunprepare should be called before cryptofinalizeskcipherrequest, because client callbacks may immediately free memory, that isn't needed anymore. But it will be used...
SUSE CVE-2023-30586
A privilege escalation vulnerability exists in Node.js 20 that allowed loading arbitrary OpenSSL engines when the experimental permission model is enabled, which can bypass and/or disable the permission model. The attack complexity is high. However, the crypto.setEngine API can be used to bypass...
Cisco IOS Software Integrated Services Module for VPN Denial-of-Service Vulnerability
A vulnerability in the crypto engine of the Cisco Integrated Services Module for VPN ISM-VPN running Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial-of-service DoS condition...
CVE-2020-3690
u'Due to an incorrect SMMU configuration, the modem crypto engine can potentially compromise the hypervisor' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired...
Code injection
u'Due to an incorrect SMMU configuration, the modem crypto engine can potentially compromise the hypervisor' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired...
CVE-2020-3690
u'Due to an incorrect SMMU configuration, the modem crypto engine can potentially compromise the hypervisor' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired...
Cisco IOS Software Integrated Services Module for VPN DoS (cisco-sa-20180328-dos)
According to its self-reported version, Cisco IOS Software is affected by a vulnerability in the crypto engine of the Cisco Integrated Services Module for VPN ISM-VPN due to insufficient handling of VPN traffic by the affected device. An unauthenticated, remote attacker can exploit this by sendin...
CVE-2019-2323
Lack of check to ensure crypto engine data passed by user is initialized can result in bus error in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640,...
Code injection
Lack of check to ensure crypto engine data passed by user is initialized can result in bus error in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640,...
CVE-2019-2323
Lack of check to ensure crypto engine data passed by user is initialized can result in bus error in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640,...
The vulnerability of the Qualcomm Crypto Engine (QCE) encryption driver of the Android operating system allows a hacker to execute arbitrary code within the kernel context.
The vulnerability of the Qualcomm Crypto Engine QCE encryption driver in the Android operating system is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code within the kernel context...
Cisco IOS Software Integrated Services Module for VPN crypto engine denial of service vulnerability
Cisco IOS Software is an operating system developed by Cisco for its network devices.Integrated Services Module for VPN ISM-VPN is one of the integrated services modules for VPN. crypto engine is one of the encryption engines. A resource management error vulnerability exists in the crypto engine...
Design/Logic Flaw
A vulnerability in the crypto engine of the Cisco Integrated Services Module for VPN ISM-VPN running Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to insufficient handling of VPN traffi...
CVE-2018-0154
A vulnerability in the crypto engine of the Cisco Integrated Services Module for VPN ISM-VPN running Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to insufficient handling of VPN traffi...