CVE-2023-52611 wifi: rtw88: sdio: Honor the host max_req_size in the RX path

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: sdio: Honor the host maxreqsize in the RX path Lukas reports skboverpanic errors on his Banana Pi BPI-CM4 which comes with an Amlogic A311D G12B SoC and a RTL8822CS SDIO wifi/Bluetooth combo card. The error he observ...

CVE-2023-52611 wifi: rtw88: sdio: Honor the host max_req_size in the RX path

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: sdio: Honor the host maxreqsize in the RX path Lukas reports skboverpanic errors on his Banana Pi BPI-CM4 which comes with an Amlogic A311D G12B SoC and a RTL8822CS SDIO wifi/Bluetooth combo card. The error he observ...

The vulnerability of the Code Integrity protection function of the Hypervisor-protected Code Integrity mechanism in the Windows operating system allows attackers to circumvent existing security restrictions.

The vulnerability of the Code Integrity protection function of the Hypervisor-protected Code Integrity mechanism in the Windows operating system is related to security configuration errors. Exploiting this vulnerability can allow an attacker to circumvent existing security restrictions...

CVE-2021-47124

In the Linux kernel, the following vulnerability has been resolved: iouring: fix link timeout refs WARNING: CPU: 0 PID: 10242 at lib/refcount.c:28 refcountwarnsaturate+0x15b/0x1a0 lib/refcount.c:28 RIP: 0010:refcountwarnsaturate+0x15b/0x1a0 lib/refcount.c:28 Call Trace: refcountsubandtest...

The vulnerabilities of the modules of the central processor in microprogrammed logic controllers of the MELSEC-Q Series and MELSEC-L Series allow a hacker to execute arbitrary code.

The vulnerability of the modules of the central processor in microprogrammed logic controllers of the MELSEC-Q Series and MELSEC-L Series is related to errors during the scaling of indicators. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a specially...

The vulnerability of the Windows Hyper-V hardware virtualization system allows a attacker to trigger a service failure.

The vulnerability of the Windows Hyper-V hardware virtualization system is related to resource release errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the print spooler daemon on Windows operating systems allows attackers to escalate their privileges.

The vulnerability of the Windows Print Spooler in operating systems related to the print queue is associated with synchronization errors when using shared resources “Race Conditions”. Exploiting this vulnerability can allow attackers to increase their privileges...

The vulnerability of the drm_bridge_get_edid function in the Meson kernel of the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the drmbridgegetedid function in the Meson component of the Linux operating system is related to memory release errors. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the 8250_port component in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the 8250port component in the Linux operating system is related to pointer swapping errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

ROS-2-1702

2.1702 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

ROS-2-995

2.995 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...

The vulnerability of the MongoDB database management system is related to errors in the TLS certificate validation process, which allows a perpetrator to establish unauthorized connections to the MongoDB server.

The vulnerability of the MongoDB database management system is related to errors in the TLS certificate validation process. Exploiting this vulnerability allows an attacker to establish unauthorized connections to the MongoDB server remotely...

ROS-2-1598

2.1598 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...

The vulnerability of the gsm_cleanup_mux function in the Linux operating system allows a hacker to execute arbitrary code.

The vulnerability of the gsmcleanupmux function in the Linux operating system is related to pointer arithmetic errors. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

ROS-2-1374

2.1374 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

The vulnerability of the `of_node_put` function in the rk817 component of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the ofnodeput function in the rk817 component of the Linux operating system is related to memory release errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

ROS-2-1675

2.1675 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...

PT-2024-2284 · Microsoft · Windows Telephony Service +1

Name of the Vulnerable Software and Affected Versions: Windows Telephony Server affected versions not specified Description: The issue is related to synchronization errors when using a shared resource in Windows Telephony Server, which can be exploited to elevate privileges. An...

The vulnerability of the data image management software in the Veritas NetBackup Snapshot Manager environment, related to errors in the certificate validation process, allows a perpetrator to interact with the RabbitMQ service.

The vulnerability of the data image management software in the context of Veritas NetBackup Snapshot Manager lies in errors related to the authentication process. Exploiting this vulnerability allows an attacker to interact with the RabbitMQ service remotely...

The vulnerability of cloud-based data storage software for IBM Watson CP4D Data Stores lies in HTTP request processing errors, which allow attackers to compromise data integrity.

The vulnerability of cloud-based data storage software from IBM Watson CP4D Data Stores relates to errors in handling HTTP requests. Exploiting this vulnerability can allow a malicious actor to compromise the integrity of data...