The vulnerability of the arc_emac component in the Linux operating system allows attackers to compromise the confidentiality, integrity, and accessibility of data.

The vulnerability of the arcemac component in the Linux operating system’s kernel is related to the use of memory after deallocation. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of data...

The vulnerability of the centralized service for supporting information about configuration, naming, distributed synchronization, and group services in Apache ZooKeeper is related to improper restrictions on operations within buffer memory. This allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the centralized service for supporting information about configuration, naming, distributed synchronization, and providing group services in Apache ZooKeeper is related to the use of the “cmd:” packet-mode syntax. Exploiting this vulnerability allows a malicious actor to...

The vulnerability of the JDBC driver pgjdbc for connecting Java programs to a PostgreSQL database lies in insufficient validation of input data. This allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the JDBC driver pgjdbc, which allows Java programs to connect to PostgreSQL databases, is related to the creation of arbitrary files. Exploiting this vulnerability can enable a malicious actor to compromise the confidentiality, integrity, and accessibility of protected...

The vulnerability of the watch_queue_set_filter() function in the watch_queue component of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of data.

The vulnerability of the watchqueuesetfilter function in the Linux operating system’s watchqueue component is related to memory overflow. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of data...

The vulnerability of the SLP UDP server slpd-lite in the OpenBMC operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of data.

The vulnerability of the SLP UDP server slpd-lite in the OpenBMC operating system is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows a remote attacker to compromise privacy, integrity, and accessibility by sending a specially...

The vulnerability of the formApPortalOneKeyAuth function in the Tenda i22 router software allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the formApPortalOneKeyAuth function in the Tenda i22 router microprogramming software is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...

CVE-2023-20591

Improper re-initialization of IOMMU during the DRTM event may permit an untrusted platform configuration to persist, allowing an attacker to read or modify hypervisor memory, potentially resulting in loss of confidentiality, integrity, and availability...

The vulnerability of the setWizardCfg function in the /cgi-bin/cstecgi.cgi file of the TOTOLINK N350RT router’s software, which allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the setWizardCfg function in the /cgi-bin/cstecgi.cgi file of the TOTOLINK N350RT router microprogramming system is related to the issue of data being written outside of the buffer in memory when processing the ssid parameter. Exploiting this vulnerability allows an attacker ...

The vulnerability of microprogrammed network devices from Google Nest Wifi, related to the occurrence of operations outside the buffer in memory, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of microprogrammed network devices from Google Nest Wifi relates to the execution of operations beyond the buffer in memory. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information...

CVE-2024-5712

A Cross-Site Request Forgery CSRF vulnerability was identified in the stitionai/devika application, affecting the latest version. This vulnerability allows attackers to perform unauthorized actions in the context of a victim's browser, such as deleting projects or changing application settings,...

The vulnerability of the disable_{show,store}() functions in the Linux kernel USB driver allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the disableshow,store functions in the drivers/usb/core/port.c file of the Linux kernel’s USB driver is related to an infinite waiting loop for resources. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of...

The vulnerability of the liteuartremove() function in the LiteUART driver of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the liteuartremove function in the drivers/tty/serial/liteuart.c file of the Linux kernel’s LiteUART driver is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...

The vulnerability of the msft_do_close() function in the Linux operating system’s Bluetooth kernel implementation allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the msftdoclose function in the net/bluetooth/msft.c module of the Linux operating system’s Bluetooth protocol implementation is related to the reallocation of previously freed memory due to concurrent access to resources. Exploiting this vulnerability could allow an attacker...

The vulnerability of the iwl_dbg_tlv_overrideTrigNode() function in the Intel iwlwifi wireless communication adapter driver for Linux operating systems allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the function iwldbgtlvoverrideTrigNode in the driver drivers/net/wireless/intel/iwlwifi/iwl-dbg-tlv.c of the Intel iwlwifi wireless adapter driver for the Linux operating system is related to writing beyond the allocated buffer. Exploitation of this vulnerability could allow ...

The vulnerability of the ksmbd_nl_policy() function in the implementation of the SMB (Server Message Block) protocol within the in-core CIFS/SMB3-server ksmbd server of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the ksmbdnlpolicy function in the fs/smb/server/transportipc.c module, which is part of the Server Message Block network protocol implementation in the ksmbd server kernel of the Linux operating system, relates to memory reading beyond the allocated buffer. Exploiting this...

The vulnerability of the formwrlSSIDget function in the microprogramming software for Tenda i21 allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the formwrlSSIDget /goform/wifiSSIDget function in Tenda i21 router software arises due to buffer overflow during the processing of the ssidIndex parameter. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of the...

The vulnerability of the __f2fs_setxattr() function in the fs/f2fs/xattr.c file of the Linux file system’s f2fs kernel module allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the f2fs file system in Linux operating systems is related to the use of an uninitialized buffer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of the lpfc_mbx_cmpl_fc_reg_login() function in the drivers/scsi/lpfc/lpfc_hbadisc.c file of the Linux kernel allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the lpfcmbxcmplfcreglogin function in the drivers/scsi/lpfc/lpfchbadisc.c file of the Linux kernel is related to the repeated use of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility ...

PT-2024-6134 · Аврора · Аврора

Name of the Vulnerable Software and Affected Versions: Аврора affected versions not specified Description: The issue is related to a lack of permission control for applications accessing temporary folders in the "Аврора" operating system isolation component. Exploitation of this issue can lead to...

ROS-20240503-14

A vulnerability in the PSA Crypto API of the Mbed TLS and Mbed Crypto software is related to a insufficient spatial separation. Exploitation of the vulnerability could allow an attacker to have an impact the confidentiality, integrity, and availability of data Vulnerability in the...