The vulnerability of the Pragmatic General Multicast protocol implementation in Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the Pragmatic General Multicast protocol implementation in Windows operating systems is related to errors in processing input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

golang: html/template: improper handling of special tags within script contexts

A flaw was found in Golang. The html/template package did not apply the proper rules for handling occurrences of " contexts. This issue may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped...

The vulnerability of the libraw_cxx.cpp component in the LibRaw image processing library allows a intruder to trigger a service failure.

The vulnerability of the librawcxx.cpp component in the LibRaw image processing library is related to pointer dereferencing errors. Exploiting this vulnerability allows a remote attacker to cause service interruptions...

The vulnerability of the setup_group function in the elf.c component of the GNU Binutils development environment allows a hacker to trigger a service failure.

The vulnerability of the setupgroup function in the elf.c component of the GNU Binutils development environment is related to pointer arithmetic errors. Exploiting this vulnerability allows an attacker to cause a service failure...

PT-2023-6933 · Zoom · Zoom

Name of the Vulnerable Software and Affected Versions: Zoom affected versions not specified Description: The issue is related to cryptographic problems with In-Meeting Chat for some Zoom clients, which may allow a privileged user to disclose information via network access. This could potentially...

PT-2023-6993 · Siemens · Scalance M826-2 Shdsl-Router +16

Name of the Vulnerable Software and Affected Versions: RUGGEDCOM RM1224 LTE4G EU versions V8.0 RUGGEDCOM RM1224 LTE4G NAM versions V8.0 SCALANCE M804PB versions V8.0 SCALANCE M812-1 ADSL-Router versions V8.0 SCALANCE M816-1 ADSL-Router versions V8.0 SCALANCE M826-2 SHDSL-Router versions V8.0...

PT-2023-6950 · Microsoft · Windows Kernel +1

Name of the Vulnerable Software and Affected Versions: Windows Kernel affected versions not specified Description: The issue is related to synchronization errors when using a shared resource in the Windows operating system kernel. This can allow an attacker to elevate their privileges. The...

The vulnerability of the res_query function in the GNU C Library’s system library allows a attacker to cause a service failure.

The vulnerability of the resquery function in the GNU C Library’s system library is related to pointer arithmetic errors. Exploiting this vulnerability allows a remote attacker to cause service interruptions...

The vulnerability of the dwarf2.c component in the GNU Binutils development environment allows a hacker to trigger a service failure.

The vulnerability of the dwarf2.c component in the GNU Binutils development environment is related to pointer arithmetic errors. Exploiting this vulnerability allows an attacker, operating remotely, to trigger a service failure using a specially created ELF file...

AuctionDemo opens itself several DoS attack vectors

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Proof of Concept The auctionDemo.auctionInfoData map holds important info on auctions, and hold this info per tokenId. Needless to say, for many auctions that may become popular and/or long running, the...

The vulnerabilities of the `setsockopt` and `getsockopt` functions in the Linux operating system’s kernel allow attackers to influence the confidentiality, integrity, or accessibility of information.

The vulnerability of the setsockopt and getsockopt functions in the Linux operating system’s kernel is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow a remote attacker to compromise the confidentiality, integrity, or accessibility of...

The vulnerability of Intel Microcode processors lies in the possibility of unauthorized errors causing malfunctions in backup equipment. This allows attackers to gain access to confidential data, compromise its integrity, and even cause service failures.

The vulnerability of Intel Microcode processors lies in the possibility that backup equipment may malfunction due to unauthorized introduction of errors. Exploiting this vulnerability can allow a perpetrator to gain access to confidential data, compromise its integrity, and even cause service...

The vulnerability of the get_register function in the Vim text editor allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the getregister function in the Vim text editor is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker to access confidential data, compromise its integrity, and even cause service failures...

The vulnerability of the NVIDIA Virtual GPU Manager driver, which allows a hacker to trigger a service failure.

The vulnerability of the NVIDIA Virtual GPU Manager driver relates to pointer dereferencing errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the jcopy_sample_rows() function in the Libjpeg-turbo image processing library allows a hacker to cause a service failure.

The vulnerability of the jcopysamplerows function in the Libjpeg-turbo image processing library is related to pointer arithmetic errors. Exploiting this vulnerability could allow an attacker to cause a service failure using a specially created file...

The vulnerability of the WAF engine for Apache ModSecurity, related to security configuration errors, allows attackers to bypass existing network firewall rules.

The vulnerability of the WAF engine for Apache ModSecurity is related to security configuration errors. Exploiting this vulnerability can allow a malicious actor to bypass existing network firewall rules...

USN-6474-1: xrdp vulnerabilities

It was discovered that xrdp incorrectly handled validation of client-supplied data, which could lead to out-of-bounds reads. An attacker could possibly use this issue to crash the program or extract sensitive information. CVE-2022-23479, CVE-2022-23481, CVE-2022-23483, CVE-2023-42822 It was...

CVE-2023-46772

Vulnerability of parameters being out of the value range in the QMI service module. Successful exploitation of this vulnerability may cause errors in reading file data...

CVE-2023-46772

Vulnerability of parameters being out of the value range in the QMI service module. Successful exploitation of this vulnerability may cause errors in reading file data...

CVE-2023-46772

CVE-2023-46772 describes a vulnerability in the QMI service module where parameters are out of the value range. The resulting behavior can cause errors when reading file data. Connected sources corroborate the same root cause and describe the impact as reading-file-data errors, with several refer...