Siemens SIMATIC RTLS Locating Manager Hidden Function Vulnerability

SIMATIC RTLS Locating Manager is used to configure, operate and maintain the SIMATIC RTLS unit, a real-time wireless positioning system that provides locating solutions. A hidden function vulnerability exists in Siemens SIMATIC RTLS Locating Manager due to an affected application containing hidde...

RHEL 5 : gdb (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - gdb: buffer overflow while opening an ELF for debugging leads to Dos, information dislosure and code...

CVE-2022-32506

An issue was discovered on certain Nuki Home Solutions devices. An attacker with physical access to the circuit board could use the SWD debug features to control the execution of code on the processor and debug the firmware, as well as read or alter the content of the internal and external flash...

CVE-2022-32506

An issue was discovered on certain Nuki Home Solutions devices. An attacker with physical access to the circuit board could use the SWD debug features to control the execution of code on the processor and debug the firmware, as well as read or alter the content of the internal and external flash...

CVE-2024-29150

An issue was discovered in Alcatel-Lucent ALE NOE deskphones through 86x8NOE-R300.1.40.12.4180 and SIP deskphones through 86x8SIP-R200.1.01.10.728. Because of improper privilege management, an authenticated attacker is able to create symlinks to sensitive and protected data in locations that are...

Alcatel-Lucent ALE NOE 安全漏洞

The Alcatel-Lucent ALE NOE is a desktop phone from Alcatel-Lucent. A security vulnerability exists in Alcatel-Lucent ALE NOE versions 86x8NOE-R300.1.40.07.4140, 86x8SIP-R200.1.01.10.728, which stems from improper privilege management and allows an authenticated attacker to create symbolic links t...

The vulnerability of the PowerPanel Business’s monitoring and management system for power sources involves insufficient protection of operational data during code debugging. This allows attackers to gain unauthorized access to account information and increase their privileges.

The vulnerability of the PowerPanel Business monitoring and power source management system is related to insufficient protection of operational data during code debugging. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to account information a...

UBUNTU-CVE-2024-27031

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix nfsnetfsissueread xarray locking for writeback interrupt The loop inside nfsnetfsissueread currently does not disable interrupts while iterating through pages in the xarray to submit for NFS read. This is not safe though...

CVE-2024-26984

In the Linux kernel, the following vulnerability has been resolved: nouveau: fix instmem race condition around ptr stores Running a lot of VK CTS in parallel against nouveau, once every few hours you might see something like this crash. BUG: kernel NULL pointer dereference, address:...

CVE-2024-26939

In the Linux kernel, the following vulnerability has been resolved: drm/i915/vma: Fix UAF on destroy against retire race Object debugging tools were sporadically reporting illegal attempts to free a still active i915 VMA object when parking a GT believed to be idle. 161.359441 ODEBUG: free active...

CVE-2024-26953

In the Linux kernel, the following vulnerability has been resolved: net: esp: fix bad handling of pages from pagepool When the skb is reorganized during espoutput !esp-inline, the pages coming from the original skb fragments are supposed to be released back to the system through putpage. But if t...

CVE-2024-26939

In the Linux kernel, the following vulnerability has been resolved: drm/i915/vma: Fix UAF on destroy against retire race Object debugging tools were sporadically reporting illegal attempts to free a still active i915 VMA object when parking a GT believed to be idle. 161.359441 ODEBUG: free active...

CVE-2024-26939 drm/i915/vma: Fix UAF on destroy against retire race

In the Linux kernel, the following vulnerability has been resolved: drm/i915/vma: Fix UAF on destroy against retire race Object debugging tools were sporadically reporting illegal attempts to free a still active i915 VMA object when parking a GT believed to be idle. 161.359441 ODEBUG: free active...

CVE-2024-26939 drm/i915/vma: Fix UAF on destroy against retire race

In the Linux kernel, the following vulnerability has been resolved: drm/i915/vma: Fix UAF on destroy against retire race Object debugging tools were sporadically reporting illegal attempts to free a still active i915 VMA object when parking a GT believed to be idle. 161.359441 ODEBUG: free active...

CVE-2024-26939 drm/i915/vma: Fix UAF on destroy against retire race

In the Linux kernel, the following vulnerability has been resolved: drm/i915/vma: Fix UAF on destroy against retire race Object debugging tools were sporadically reporting illegal attempts to free a still active i915 VMA object when parking a GT believed to be idle. 161.359441 ODEBUG: free active...

CVE-2024-26939

Summary (CVE-2024-26939) : In the Linux kernel, the DRM i915 driver’s VMA handling suffers a Use-After-Free when destroying a VMA during retirement race, leading to spurious frees of an active i915 VMA object. The root cause is a race between __active_retire() and i915_vma_destroy()/parked paths,...

kernel: drm: bridge: dw_hdmi: fix connector access for scdc

A vulnerability was found in the Linux kernel's DRM subsystem, specifically within the DW HDMI bridge driver .A prior commit intended to improve SCDC Source Connection Description Channel debugging changed the interface to retrieve an I2C adapter from a connector structure. However, in the dwhdmi...

[SECURITY] Fedora 40 Update: libdwarf-0.9.2-1.fc40

Library to access the DWARF debugging file format which supports source level debugging of a number of procedural languages, such as C, C++, and Fortran. Please see http://www.dwarfstd.org for DWARF specification...

The vulnerability of the TP-Link Device Debug protocol implementation in the microprogramming software for wireless access points Tp-Link AC1350 and Tp-Link N300 allows a hacker to cause service failure.

The vulnerability of the TP-Link Device Debug protocol implemented in the microsoftware for wireless access points Tp-Link AC1350 and Tp-Link N300 is related to the use of dangerous methods or functions. Exploiting this vulnerability can allow a malicious actor to cause service failures by sendin...

SUSE CVE-2021-47191

In the Linux kernel, the following vulnerability has been resolved: scsi: scsidebug: Fix out-of-bound read in respreadcap16 The following warning was observed running syzkaller: 3813.830724 sgwrite: data in/out 65466/242 bytes for SCSI command 0x9e-- guessing data in; 3813.830724 program...