The vulnerability of Microprogramming Software in Cisco Adaptive Security Appliances (ASA) and Cisco Firepower Threat Defense (FTD) relates to pointer arithmetic errors, which allow attackers to trigger service failures.

The vulnerability of Microprogramming Software in Cisco Adaptive Security Appliances ASA and Cisco Firepower Threat Defense FTD is related to pointer arithmetic errors. Exploiting this vulnerability can allow attackers to cause service failures...

The vulnerability of the Squid proxy server, related to errors in processing input data, allows a hacker to cause a service failure.

The vulnerability of the Squid proxy server is related to errors in processing input data. Exploiting this vulnerability allows a malicious actor to cause service interruptions by sending specially crafted ESI packets...

The vulnerability of the password-changing function of the Cisco Firepower Management Center (FMC) software interface allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the password-changing function in the Cisco Firepower Management Center FMC software for network administration involves errors in handling requests. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

ROS-20241031-01

A vulnerability in the nilfs2 component of the Linux operating system kernel is related to improper error handling in the nilfsgetblock function in fs/nilfs2/inode.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the nilfs2 component of...

ROS-20241031-02

A vulnerability in the qcom component of the Linux operating system kernel is related to read errors outside of bounds in the F function in drivers/clk/qcom/gcc-ipq9574.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the mm/memory-failu...

kernel: xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create

A flaw was found in the Linux kernel in which a system crash can occur if there are certain errors establishing RPC-over-RDMA connections...

Potential Vulnerabilities When Deviating From ARM® AXI Standard Protocol

Revisions Revision Date| Description ---|--- 2025-04-21| Added new researcher paper from same research team 2024-10-30| Initial publication DISCLAIMER The information contained herein is for informational purposes only and is subject to change without notice. While every precaution has been taken...

CVE-2024-47401

Mattermost versions 9.10.x = 9.10.2, 9.11.x = 9.11.1 and 9.5.x = 9.5.9 fail to prevent detailed error messages from being displayed in Playbooks which allows an attacker to generate a large response and cause an amplified GraphQL response which in turn could cause the application to crash by...

The vulnerability of the SCSI component in the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the SCSI component in the Linux operating system is related to errors in resource management in the pqimapqueues function. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the dm-crypt component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the dm-crypt component in the Linux operating system’s kernel is related to resource management errors during authentication. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the Spring Framework software platform, related to resource release errors, allows attackers to trigger service failures.

The vulnerability of the Spring Framework software platform is related to resource release errors. Exploiting this vulnerability can allow an attacker to cause service failures...

The vulnerability in the web interface for managing microprogrammed software devices of Cisco Analog Telephone Adapter (ATA) series 190 allows a perpetrator to execute commands on behalf of the Admin user.

The vulnerability of the web interface for managing microprogrammed software in Cisco Analog Telephone Adapter ATA devices of the 190 series is related to access control errors. Exploiting this vulnerability allows a malicious actor to execute commands on behalf of the Admin user by sending a...

Mattermost 安全漏洞

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. A security vulnerability in Mattermost version 9.10.2 and prior 9.10.x, version 9.11.1 and prior 9.11.x, and version 9.5.9 and prior 9.5.x stems from an inability to prevent the display of detailed err...

The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers is related to type mixing errors. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information through a specially crafte...

The vulnerability of the Spring Framework software platform, related to resource release errors, allows attackers to trigger service failures.

The vulnerability of the Spring Framework software platform is related to resource release errors. Exploiting this vulnerability can allow an attacker to cause service failures...

ROS-20241029-07

The vulnerability in Buildah container image management tool is related to input validation errors in the directory traversal sequences in cache mounts. Exploitation of the vulnerability could allow an infringing user to escalate privileges on the system...

The vulnerability of the UEFI Firmware component of Intel microprocessor software arises from synchronization errors when using common resources, allowing attackers to escalate their privileges.

The vulnerability of the UEFI Firmware component of Intel microprocessors stems from synchronization errors when using common resources. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability of the bpf component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the bpf component in the Linux operating system’s kernel is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the UEFI Firmware component of Intel microprogramming systems, related to resource release errors, allows a hacker to cause a system failure.

The vulnerability of the UEFI Firmware component of Intel microprocessors is related to resource release errors. Exploiting this vulnerability can allow an attacker to cause system failures...

The vulnerability of the microprogrammed control system of the ABB AC 800M is related to errors in processing input data, allowing a intruder to execute arbitrary commands.

The vulnerability of the ABB AC 800M controller’s microprogramming software is related to errors in processing input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands by sending specially crafted MMS packets remotely...