CVE-2024-43911 wifi: mac80211: fix NULL dereference at band check in starting tx ba session

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL dereference at band check in starting tx ba session In MLD connection, linkdata/linkconf are dynamically allocated. They don't point to vif-bssconf. So, there will be no chanreq assigned to vif-bssconf an...

CVE-2024-43911

CVE-2024-43911—Linux kernel wifi/mac80211 NULL pointer dereference fix . The vulnerability occurs in the MLD path during band/tx BA session initialization where link_data/link_conf may not point to vif->bss_conf, risking a NULL chan and a kernel crash. The fix adds explicit checks on ht_suppor...

The vulnerability of the software development package Azure IoT SDK for C lies in its memory management after memory is released. This allows a malicious actor to execute arbitrary code.

The vulnerability of the Azure IoT SDK for C development software package lies in the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

SUSE: Security Advisory (SUSE-SU-2024:2999-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

File Upload Vulnerability in MSG5200-2GEC-4E-X4 and MSG2100E-UPON-4V at Risecomm Technology Development Co.

Ltd. is an industry-leading provider of optical networking products and system solutions. A file upload vulnerability exists in the MSG5200-2GEC-4E-X4 and MSG2100E-UPON-4V of Risecomm Technology Development Corporation, which can be exploited by an attacker to gain server privileges...

SUSE: Security Advisory (SUSE-SU-2024:2993-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2024:2978-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

edk2: Temporary DoS vulnerability

A divide-by-zero vulnerability was found in edk2. A successful exploit of this vulnerability may lead to a loss of availability...

Microsoft Security Update Validation Report August 2024

Microsoft’s August 2024 security updates have passed Citrix testing the updates are listed below. The testing is not all-inclusive; all tests are executed against English only environments and issues may still be found upon implementation. Follow best practices for testing and installing software...

RUSTSEC-2024-0363 Binary Protocol Misinterpretation caused by Truncating or Overflowing Casts

The following presentation at this year's DEF CON was brought to our attention on the SQLx Discord: SQL Injection isn't Dead: Smuggling Queries at the Protocol Level Archive link for posterity. Essentially, encoding a value larger than 4GiB can cause the length prefix in the protocol to overflow,...

SUSE: Security Advisory (SUSE-SU-2024:2900-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-42437

Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access...

CVE-2024-42438

Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access...

CVE-2024-42435

Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access...

CVE-2024-42434

Missing authorization in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access...

CVE-2024-39824

Missing authorization in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access...

CVE-2024-39818

Protection mechanism failure for some Zoom Workplace Apps and SDKs may allow an authenticated user to conduct information disclosure via network access...

Exploit for Out-of-bounds Write in Microsoft

Windows DWM Core Library Elevation of Privilege Vulnerability...

PT-2024-29943 · Zoom · Zoom Sdks +3

Name of the Vulnerable Software and Affected Versions: Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers affected versions not specified Description: The issue allows a privileged user to conduct an information disclosure via network access. This affects some Zoom Workplace Apps,...

Zoom多款产品 安全漏洞

Zoom Rooms and others are products of Zoom Corporation, USA.Zoom Rooms is a software-based conferencing system.Zoom Meeting SDK is a development kit.Zoom Workplace is a desktop application software. A security vulnerability exists in a number of Zoom products. An attacker exploiting this...