Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the bonding driver not providing a network pointer to skbflowdissect. This could lead to warnings...

Linux Distros Unpatched Vulnerability : CVE-2022-25762

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - If a web application sends a WebSocket message concurrently with the WebSocket connection closing when running on Apache Tomcat 8.5.0 to 8.5.75 or Apache Tomcat...

Medium: python3-tornado

Issue Overview: Tornado is a Python web framework and asynchronous networking library. When Tornado's multipart/form-data parser encounters certain errors, it logs a warning but continues trying to parse the remainder of the data. This allows remote attackers to generate an extremely high volume ...

CVE-2023-46772

Vulnerability of parameters being out of the value range in the QMI service module. Successful exploitation of this vulnerability may cause errors in reading file data...

The vulnerability of the Qlik Sense Enterprise data analysis platform, related to errors in processing input data from higher-level components, allows a perpetrator to execute arbitrary code.

The vulnerability of the Qlik Sense Enterprise data analysis platform is related to errors in processing input data from higher-level components. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by creating specially crafted connection objects remotely...

The vulnerability of the microprogrammed control system of the ABB AC 800M is related to errors in processing input data, allowing a intruder to execute arbitrary commands.

The vulnerability of the ABB AC 800M controller’s microprogramming software is related to errors in processing input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands by sending specially crafted MMS packets remotely...

The vulnerability of the PIM protocol implementation in the Cisco IOS XE operating system allows a attacker to trigger a service failure.

The vulnerability of the Protocol Independent Multicast PIM protocol implementation in the Cisco IOS XE operating system is related to errors in processing input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

The vulnerability of the microprogrammed software in Rockwell Automation’s CompactLogix, ControlLogix, and GuardLogix programmable logic controllers allows a intruder to trigger a service failure.

The vulnerability of the microprogrammed software in Rockwell Automation’s CompactLogix, ControlLogix, and GuardLogix controllers is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to cause malfunctions in the system from a remote location...

The vulnerability of the microprogrammed software in Rockwell Automation’s CompactLogix, ControlLogix, GuardLogix, and Communication Module 1756-EN4 systems allows a intruder to trigger a service failure.

The vulnerability of the microprogrammed software in Rockwell Automation’s CompactLogix, ControlLogix, GuardLogix, and Communication Module 1756-EN4 is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to cause malfunctions in the system remotely...

The vulnerability of the SAE H2E authentication protocol implementation in the embedded operating system OpenWrt allows a hacker to downgrade the version of the authentication protocol used.

The vulnerability of the SAE H2E authentication protocol implementation in the embedded operating system OpenWrt is related to errors in processing input data. Exploiting this vulnerability can allow a malicious actor to downgrade the version of the authentication protocol used...

The vulnerability of the PDF file analysis component in the ClamAV antivirus program allows a hacker to trigger a service failure.

The vulnerability of the PDF file analysis component in the ClamAV antivirus program is related to errors in processing input data. Exploiting this vulnerability allows a malicious actor to cause service failures when the user downloads a specially crafted PDF file for analysis...

The vulnerability of Microsoft Office packages, Microsoft 365 Apps for Enterprise, and Microsoft Project, a project management software, relates to errors in processing input data, allowing an attacker to execute arbitrary code.

The vulnerabilities of Microsoft Office packages, Microsoft 365 Apps for Enterprise, and Microsoft Project management software are related to errors in processing input data. Exploiting these vulnerabilities allows a malicious actor to execute arbitrary code, provided that the user opens a...

The vulnerability of the SCADA system MasterSCADA 4D, related to errors in processing input data, allows a intruder to trigger a service failure.

The vulnerability of the SCADA system MasterSCADA 4D is related to errors in processing input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

The vulnerability of the Wi-Fi driver for Windows operating systems, allowing a hacker to execute arbitrary code

The vulnerability of Wi-Fi operating system Windows drivers is related to errors in processing input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending a specially crafted network packet...

The vulnerability of the Zabbix Workstation universal monitoring system, related to errors in processing input data, allows a intruder to execute arbitrary code.

The vulnerability of the Zabbix Workstation universal monitoring system is related to errors in processing input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by introducing a specially crafted SQL query remotely...

The vulnerability of the MSHTML platform in Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the MSHTML platform in Windows operating systems is related to errors in processing input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely, provided that the user opens a specially crafted file...

The vulnerability of the System Recovery Bootloader for Windows operating systems allows attackers to circumvent existing security restrictions and enhance their privileges.

The vulnerability of the System Recovery Bootloader for Windows operating systems is related to errors in processing input data. Exploiting this vulnerability can allow attackers to circumvent existing security restrictions and gain increased privileges...

The vulnerability of the Windows Message Queuing system allows a perpetrator to execute arbitrary code.

The vulnerability of Windows’ Message Queuing system is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

The vulnerability in Intel NUC’s built-in software, related to errors in processing input data, allows attackers to exploit their privileges.

The vulnerability of Intel NUC’s built-in software is related to errors in processing input data. Exploiting this vulnerability can allow attackers to gain increased privileges...

The vulnerability of the icmpping function in the universal monitoring system Zabbix allows a intruder to execute arbitrary code.

The vulnerability of the icmpping function in the Zabbix universal monitoring system is related to errors in processing input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...