38 matches found
Qualcomm Chipsets security vulnerabilities
Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporated in the United States. There are security vulnerabilities in Qualcomm Chipsets, and these vulnerabilities arise from the exposure of information when processing advertisement frames that contain format-errors MBSSID...
CVE-2026-43162
In the Linux kernel, the media: tegra-video path has a memory leak in __tegra_channel_try_format() caused by failing to free the allocated __v4l2_subdev_state (sd_state) in two error paths after v4l2_subdev_call() failures. The fix introduces a cleanup label and goto-based error handling to ensur...
Qualcomm Chipsets 安全漏洞
Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporated in the United States. There are security vulnerabilities in Qualcomm Chipsets, which stem from the improper handling of format errors in response frames during wireless roaming. The invalid header structure of these fram...
SUSE CVE-2026-31521
In the Linux kernel, the following vulnerability has been resolved: module: Fix kernel panic when a symbol stshndx is out of bounds The module loader doesn't check for bounds of the ELF section index in simplifysymbols: for i = 1; i shsize / sizeofElfSym; i++ const char name = info-strtab +...
Apache Traffic Server 安全漏洞
Apache Traffic Server ATS is a scalable HTTP proxy and caching server developed by the Apache Foundation in the United States. There are security vulnerabilities in Apache Traffic Server versions 9.2.12 and earlier, as well as 10.1.1 and earlier versions. These vulnerabilities stem from an error ...
CVE-2026-5313
A vulnerability has been found in Nothings stb up to 2.30. This issue affects the function stbigifloadnext in the library stbimage.h of the component GIF Decoder. Such manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and ma...
astral-tokio-tar 安全漏洞
astral-tokio-tar is an open-source Rust library developed by Astral. Versions of astral-tokio-tar 0.5.6 and earlier contain security vulnerabilities. These vulnerabilities stem from a silent skipping of format-errors PAX extensions during the parsing of tar archives. Such behavior could potential...
Ampere Computing多款产品 安全漏洞
Ampere Computing AmpereOne AC03 and others are a processor chip from Ampere Computing, USA. A security vulnerability exists in various Ampere Computing products, which stems from an SMC call format error that could result in an out-of-bounds write to the PCIe driver S-EL0 address space. The...
EUVD-2020-6070
Malware in sbrugna...
Incorporating Taxonomies of Cyber Incidents into Detection Networks for Improved Detection Performance
Many taxonomies exist to organize cybercrime incidents into ontological categories. We examine some of the taxonomies introduced in the literature; providing a framework, and analysis, of how best to leverage different taxonomy structures to optimize performance of detections targeting various...
PHP Exec, PHP Command, Double Reverse TCP Connection (via Perl)
Execute a PHP payload from a command. Creates an interactive shell via perl Module Options msf use payload/cmd/unix/php/reverseperl msf payloadreverseperl show actions ...actions... msf payloadreverseperl set ACTION msf payloadreverseperl show options ...show and set options... msf...
kernel security update
5.14.0-503.21.15.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
ALPINE-CVE-2024-34459
An issue was discovered in xmllint from libxml2 before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a memory leak caused by a blob format error...
SUSE CVE-2021-46943
In the Linux kernel, the following vulnerability has been resolved: media: staging/intel-ipu3: Fix setfmt error handling If there in an error during a setfmt, do not overwrite the previous sizes with the invalid config. Without this patch, v4l2-compliance ends up allocating 4GiB of RAM and causin...
CVE-2021-46943
In the Linux kernel, the following vulnerability has been resolved: media: staging/intel-ipu3: Fix setfmt error handling If there in an error during a setfmt, do not overwrite the previous sizes with the invalid config. Without this patch, v4l2-compliance ends up allocating 4GiB of RAM and causin...
DEBIAN-CVE-2021-46943
In the Linux kernel, the following vulnerability has been resolved: media: staging/intel-ipu3: Fix setfmt error handling If there in an error during a setfmt, do not overwrite the previous sizes with the invalid config. Without this patch, v4l2-compliance ends up allocating 4GiB of RAM and causin...
Exploit for Improper Authentication in Ivanti Connect_Secure
CVE-2023-46805 Scanner CVE-2023-46805 Scanner for possible...
SUSE CVE-2018-5734
While handling a particular type of malformed packet BIND erroneously selects a SERVFAIL rcode instead of a FORMERR rcode. If the receiving view has the SERVFAIL cache feature enabled, this can trigger an assertion failure in badcache.c when the request doesn't contain all of the expected...
Code injection
When extracting the incorrectly formatted flv file, the memory is damaged, the playback interface shows that the video cannot be played, and the log is found to be crashed. This problem may lead to hacker malicious code attacks, resulting in the loss of user rights.Product:...