380 matches found
USN-7069-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - x86 architecture; - Cryptographic API; - CPU frequency scaling framework; - HW tracing; - ISDN/mISDN subsystem; -...
GHSA-P652-XCGX-F85M "powermail" (powermail) Insecure Direct Object Reference (IDOR)
An issue was discovered in powermail extension through 12.3.5 for TYPO3. It fails to validate the mail parameter of the confirmationAction, resulting in Insecure Direct Object Reference IDOR. An unauthenticated attacker can use this to display the user-submitted data of all forms persisted by the...
undertow: LearningPushHandler can lead to remote memory DoS attacks
A vulnerability was found in Undertow. This issue requires enabling the learning-push handler in the server's config, which is disabled by default, leaving the maxAge config in the handler unconfigured. The default is -1, which makes the handler vulnerable. If someone overwrites that config, the...
SUSE CVE-2022-48865
In the Linux kernel, the following vulnerability has been resolved: tipc: fix kernel panic when enabling bearer When enabling a bearer on a node, a kernel panic is observed: 4.498085 RIP: 0010:tipcmonprep+0x4e/0x130 tipc ... 4.520030 Call Trace: 4.520689 4.521236 tipclinkbuildprotomsg+0x375/0x750...
USN-6818-4: Linux kernel (HWE) vulnerabilities
Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service system crash. CVE-2023-6356, CVE-2023-6535, CVE-2023-6536 It was...
CVE-2024-25533
Error messages in RuvarOA v6.01 and v12.01 were discovered to leak the physical path of the website /WorkFlow/OfficeFileUpdate.aspx. This vulnerability can allow attackers to write files to the server or execute arbitrary commands via crafted SQL statements...
CVE-2024-29206
An Improper Access Control could allow a malicious actor authenticated in the API to enable Android Debug Bridge ADB and make unsupported changes to the system. Affected Products: UniFi Connect EV Station Version 1.1.18 and earlier UniFi Connect EV Station Pro Version 1.1.18 and earlier UniFi...
OpenSSL Security Advisory [28th March 2023] (CVE-2023-0465, CVE-2023-0466)
Multiple OpenSSL Vulnerabilities released on28th March 2023 Invalid certificate policies in leaf certificates are silently ignored CVE-2023-0465 ========================================================= Applications that use a non-default option when verifying certificates may be vulnerable to an...
CVE-2021-47086
In the Linux kernel, the following vulnerability has been resolved: phonet/pep: refuse to enable an unbound pipe This ioctl implicitly assumed that the socket was already bound to a valid local socket name, i.e. Phonet object. If the socket was not bound, two separate problems would occur: 1 We'd...
CVE-2021-47086
In the Linux kernel, the following vulnerability has been resolved: phonet/pep: refuse to enable an unbound pipe This ioctl implicitly assumed that the socket was already bound to a valid local socket name, i.e. Phonet object. If the socket was not bound, two separate problems would occur: 1 We'd...
CVE-2023-52575
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2021-47025
In the Linux kernel, the following vulnerability has been resolved: iommu/mediatek: Always enable the clk on resume In mtkiommuruntimeresume always enable the clk, even if m4udom is null. Otherwise the 'suspend' cb might disable the clk which is already disabled causing the warning: 1.586104...
SUSE-SU-2024:0589-1 Security update for qemu
This update for qemu fixes the following issues: - CVE-2021-3638: hw/display/ati2d: Fix buffer overflow in ati2dblt bsc1188609 - CVE-2023-3180: virtio-crypto: verify src and dst buffer length for sym request bsc1213925 - CVE-2023-3354: io: remove io watch if TLS channel is closed during handshake...
CVE-2024-1044 Customer Reviews for WooCommerce <= 5.38.10 - Improper Authorization via submit_review
The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'submitreview' function in all versions up to, and including, 5.38.12. This makes it possible for unauthenticated attackers to submit reviews with...
openssl: Denial of service by excessive resource usage in verifying X509 policy constraints
A security vulnerability has been identified in all supported OpenSSL versions related to verifying X.509 certificate chains that include policy constraints. This flaw allows attackers to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of...
PT-2024-14671
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue occurs when switching to another HDMI mode, causing unnecessary disabling/enabling of FIFO, which leads to both HPO and DIG registers being set at the same time. This can resul...
SAMSUNG Mobile devices security vulnerability
SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc. from Samsung South Korea. A security vulnerability exists in SAMSUNG Mobile devices SMR Nov-2023 Release 1, which stems from an improper access control vulnerability in the SecSettings module. An...
WatchGuard EPDR Security Vulnerability
WatchGuard EPDR is an application from WatchGuard USA, Inc. prevents, detects and responds to any type of known and unknown malware as well as fileless and malware-free attacks. A security vulnerability exists in WatchGuard EPDR version 8.0.21.0002, which stems from the fact that an attacker can...
CVE-2023-30727
Improper access control vulnerability in SecSettings prior to SMR Oct-2023 Release 1 allows attackers to enable Wi-Fi and connect arbitrary Wi-Fi without User Interaction...
CVE-2023-21192
In setInputMethodWithSubtypeIdLocked of InputMethodManagerService.java, there is a possible way to setup input methods that are not enabled due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not...