68 matches found
ROS-20241205-01
The vulnerability of the asm-bug component of the Linux operating system kernel is related to incorrect error handling in arch/arm64/include/asm/asm-bug.h. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service A vulnerability in the sr component of the...
Sensitive Information Exposure
calibreweb is vulnerable to Sensitive Information Exposure. The vulnerability is due to improper error handling, exposing the names of private shelves in error messages when unauthorized users attempt to remove a book from a shelf they do not own...
Unspecified vulnerability in Linux kernel (CNVD-2024-46451)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the iommupagingdomainalloc function not returning a null pointer, but an error pointer. No details of the...
Full Path Disclosure
Drupal is vulnerable to Full Path Disclosure. The vulnerability is due to improper error handling in core/authorize.php when hashsalt is set to the filegetcontents of a non-existent file...
CVE-2023-50019
An issue was discovered in open5gs v2.6.6. InitialUEMessage, Registration request sent at a specific time can crash AMF due to incorrect error handling of NudmUECMRegistration response...
PT-2025-18822 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, specifically in the net/mlx5 component related to E-Switch. The issue involves an error in error handling code where it...
PT-2023-28018 · Grupposcai · Realgimm
Name of the Vulnerable Software and Affected Versions: GruppoSCAI RealGimm version 1.1.37p38 Description: An improper error handling issue in the ErroreNonGestito.aspx component allows attackers to obtain sensitive technical information via a crafted SQL query. Recommendations: For GruppoSCAI...
CVE-2023-1768 Symmetric agent data encryption fails silently
Inappropriate error handling in Tribe29 Checkmk = 2.1.0p25, = 2.0.0p34, = 2.2.0b3 beta, and all versions of Checkmk 1.6.0 causes the symmetric encryption of agent data to fail silently and transmit the data in plaintext in certain configurations...
CVE-2023-23006
In the Linux kernel before 5.15.13, drivers/net/ethernet/mellanox/mlx5/core/steering/drdomain.c misinterprets the mlx5getuarspage return value expects it to be NULL in the error case, whereas it is actually an error pointer...
CVE-2023-22997
In the Linux kernel before 6.1.2, kernel/module/decompress.c misinterprets the modulegetnextpage return value expects it to be NULL in the error case, whereas it is actually an error pointer...
PT-2023-33334 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.158 Description: The issue concerns error handling in the iavf init module function. It was introduced in version v4.6 and fixed in version v5.10.158. The actual impact and attack plausibility have not yet...
PT-2022-36303 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.156 Description: The issue concerns error handling in the ata tdev add function. It was introduced in version v2.6.37 and fixed in version v5.10.156. The actual impact and attack plausibility have not yet...
PT-2022-36002 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.10 Description: The issue concerns error handling in the ata tport add function. It was introduced in version v2.6.37 and fixed in version v6.0.10. The actual impact and attack plausibility have not yet bee...
PT-2022-33425 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.4 Description: The issue is related to an error handling path in the meson mmc probe function. It was introduced in version v4.18 and fixed in Linux Kernel version v5.19.4. The actual impact and attack...
Cisco IOS XE Denial of Service Vulnerability (CNVD-2021-22450)
Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. A denial of service vulnerability exists in the web UI of Cisco IOS XE. The vulnerability stems from insufficient error handling in the web UI. An attacker can exploit this...
CVE-2019-19950
In GraphicsMagick 1.4 snapshot-20190403 Q8, there is a use-after-free in ThrowException and ThrowLoggedException of magick/error.c...
CVE-2018-20856
An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an blkdrainqueue use-after-free because a certain error case is mishandled...
CVE-2017-8072
The cp2112gpiodirectioninput function in drivers/hid/hid-cp2112.c in the Linux kernel 4.9.x before 4.9.9 does not have the expected EIO error status for a zero-length report, which allows local users to have an unspecified impact via unknown vectors...
SUSE-SU-2017:0412-1 Security update for mariadb
This mariadb version update to 10.0.29 fixes the following issues: - CVE-2017-3318: unspecified vulnerability affecting Error Handling bsc1020896 - CVE-2017-3317: unspecified vulnerability affecting Logging bsc1020894 - CVE-2017-3312: insecure error log file handling in mysqldsafe, incomplete...
SUSE-SU-2017:0411-1 Security update for mariadb
This mariadb version update to 10.0.29 fixes the following issues: - CVE-2017-3318: unspecified vulnerability affecting Error Handling bsc1020896 - CVE-2017-3317: unspecified vulnerability affecting Logging bsc1020894 - CVE-2017-3312: insecure error log file handling in mysqldsafe, incomplete...