572 matches found
SUSE CVE-2021-39255
A crafted NTFS image can trigger an out-of-bounds read, caused by an invalid attribute in ntfs_attr_find_in_attrdef, in NTFS-3G 2021.8.22...
SUSE CVE-2022-4450
The function PEM_read_bio_ex reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data...
Security Bulletin: An HTTP header injection vulnerability in IBM WebSphere Application Server Liberty (CVE-2022-34165) affects IBM CICS TX Standard
Summary: An HTTP header injection vulnerability exists in IBM WebSphere Application Server Liberty used by IBM CICS TX Standard. IBM CICS TX Standard has addressed the vulnerability CVE-2022-34165. Vulnerability Details: CVEID: CVE-2022-34165 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0,...
Patch Now: Apple's iOS, iPadOS, macOS, and Safari Under Attack with New Zero-Day Flaw
Apple on Monday rolled out security updates for iOS, iPadOS, macOS, and Safari to address a zero-day flaw that it said has been actively exploited in the wild. Tracked as CVE-2023-23529, the issue relates to a type confusion bug in the WebKit browser engine that could be activated when processing...
CVE-2022-48294
The IHwAttestationService interface has a defect in authentication. Successful exploitation of this vulnerability may affect data confidentiality...
CVE-2022-41018
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2023-0397
A malicious or defective Bluetooth controller can cause a Denial of Service due to unchecked input in le_read_buffer_size_complete...
PT-2023-33569 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.18 Description: A potential security issue has been identified in the THR handler related to Clear DFR errors. The actual impact and attack plausibility have not yet been proven. Recommendations: For versio...
CVE-2022-41582
The security module has configuration defects. Successful exploitation of this vulnerability may affect system availability...
CVE-2022-38987
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability...
Code injection
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality...
Rekono - Execute Full Pentesting Processes Combining Multiple Hacking Tools Automatically
Rekono combines other hacking tools and their results to execute complete pentesting processes against a target in an automated way. The findings obtained during the executions will be sent to the user via email or Telegram notifications and also can be imported in Defect-Dojo if an advanced...
CVE-2022-35165
An issue in AP4_SgpdAtom::AP4_SgpdAtom of Bento4-1.6.0-639 allows attackers to cause a Denial of Service (DoS) via a crafted mp4 input...
The vulnerability of the Windows Bluetooth Driver of the Windows operating system allows a hacker to gain increased privileges.
The vulnerability of the Windows Bluetooth Driver in the Windows operating system is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to increase their privileges...
CVE-2021-40030
The My HUAWEI app has a defect in the design. Successful exploitation of this vulnerability may affect data confidentiality...
The vulnerability of the Jenkins Openstack Heat Plugin is related to deficiencies in the authentication process, allowing attackers to replace the URL address.
The vulnerability of the Jenkins Openstack Heat Plugin is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to remotely replace the URL address...