3841 matches found

Kaspersky
added 2022/01/19 12:0 a.m. | 475 views

KLA12429 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service or execute arbitrary code. Below is a complete list of vulnerabilities: 1. Implementation vulnerability in Service Worker API can be exploited to cause denial of servic...

CVSS 9.6 | AI score 9.6 | EPSS 0.05673
Exploits: 0 | References: 3

Google Chrome Security Advisories
added 2022/01/19 12:0 a.m. | 175 views

Stable Channel Update for Desktop

The Stable channel has been updated to 97.0.4692.99 for Windows, Mac and Linux, which will roll out over the coming days/weeks. The Extended stable channel has also been updated to 96.0.4664.110 for Windows and Mac, which will roll out over the coming days/weeks. A full list of changes in this build is...

CVSS 9.6 | AI score 8.9 | EPSS 0.05673
Exploits: 0 | Affected Software: 1

OSV
added 2022/01/10 2:10 p.m. | 2 views

CVE-2020-10137

Z-Wave devices based on Silicon Labs 700 series chipsets using S2 do not adequately authenticate or encrypt FINDNODEINRANGE frames, allowing a remote, unauthenticated attacker to inject a FINDNODEINRANGE frame with an invalid random payload, denying service by blocking the processing of upcoming...

CVSS 6.5 | AI score 5.8 | EPSS 0.00151
Exploits: 1 | References: 5

OSV
added 2021/12/27 5:45 a.m. | 8 views

GSD-2021-1002735 mac80211: track only QoS data frames for admission control

mac80211: track only QoS data frames for admission control This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.11 by commit...

AI score 7.2
Exploits: 0

OSV
added 2021/12/27 5:37 a.m. | 8 views

GSD-2021-1002692 mac80211: track only QoS data frames for admission control

mac80211: track only QoS data frames for admission control This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.88 by commit...

AI score 7.2
Exploits: 0

OSV
added 2021/12/27 5:35 a.m. | 9 views

GSD-2021-1002670 mac80211: track only QoS data frames for admission control

mac80211: track only QoS data frames for admission control This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.168 by commit...

AI score 7.2
Exploits: 0

OSV
added 2021/12/27 5:32 a.m. | 11 views

GSD-2021-1002647 mac80211: track only QoS data frames for admission control

mac80211: track only QoS data frames for admission control This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.222 by commit...

AI score 7.2
Exploits: 0

OSV
added 2021/12/23 8:51 a.m. | 4 views

SUSE-SU-2021:4168-1 Security update for libvpx

This update for libvpx fixes the following issues: - CVE-2020-0034: Fixed out-of-bounds read on truncated key frames bsc1166066...

CVSS 7.8 | AI score 7.5 | EPSS 0.08121
Exploits: 0 | References: 3

RedHat Linux
added 2021/12/09 8:20 p.m. | 0 views

python-eventlet: improper handling of highly compressed data and memory allocation with excessive size allows DoS

A flaw was found in eventlet. If an unauthenticated user manages to send large websocket frames or highly compressed data frames, this can lead to memory exhaustion. An attacker could use this flaw to cause a denial of service (DoS)...

CVSS 5.3 | AI score 7.3 | EPSS 0.00222
Exploits: 0 | References: 4

OSV
added 2021/12/07 7:15 p.m. | 2 views

CVE-2020-12140

A buffer overflow in os/net/mac/ble/ble-l2cap.c in the BLE stack in Contiki-NG 4.4 and earlier allows an attacker to execute arbitrary code via malicious L2CAP frames...

CVSS 8.8 | AI score 6.4
Exploits: 0 | References: 2

NVD
added 2021/12/07 7:15 p.m. | 7 views

CVE-2020-12140

A buffer overflow in os/net/mac/ble/ble-l2cap.c in the BLE stack in Contiki-NG 4.4 and earlier allows an attacker to execute arbitrary code via malicious L2CAP frames...

CVSS 8.8 | EPSS 0.0011
Exploits: 0 | References: 2

Prion
added 2021/12/07 7:15 p.m. | 12 views

Buffer overflow

A buffer overflow in os/net/mac/ble/ble-l2cap.c in the BLE stack in Contiki-NG 4.4 and earlier allows an attacker to execute arbitrary code via malicious L2CAP frames...

CVSS 8.3 | AI score 9 | EPSS 0.0011
Exploits: 0 | References: 2 | Affected Software: 1

IBM Security Bulletins
added 2021/12/07 7:14 p.m. | 54 views

Security Bulletin: This Power System update is being released to address CVE-2018-5391

Summary POWER9: In response to a denial of service vulnerability, a new Power Systems firmware update is being released to address Common Vulnerabilities and Exposures issue number CVE-2018-5391. A remote attacker could use large IP frames to trigger time and calculation expensive calls in the...

CVSS 7.8 | AI score 1 | EPSS 0.04262
Exploits: 0 | Affected Software: 1

Cvelist
added 2021/12/07 7:13 p.m. | 14 views

CVE-2021-40288

A denial-of-service attack in WPA2, and WPA3-SAE authentication methods in TP-Link AX10v1 before V1211014, allows a remote unauthenticated attacker to disconnect an already connected wireless client via sending with a wireless adapter specific spoofed authentication frames...

AI score 7.8 | EPSS 0.01958
Exploits: 0 | References: 1

CNNVD
added 2021/12/07 12:0 a.m. | 4 views

TP-Link AX10 security vulnerability

TP-Link AX10 is a router from Tp-link, China. TP-Link AX10 has a security vulnerability that could be exploited to disconnect a connected wireless client by sending a spoofed authentication frame specific to the wireless adapter...

CVSS 7.8 | AI score 5.6 | EPSS 0.01958
Exploits: 0 | References: 2

Positive Technologies
added 2021/11/30 12:0 a.m. | 3 views

PT-2021-7051 · Tp Link · Tp-Link Ax10

Name of the Vulnerable Software and Affected Versions: TP-Link AX10v1 version V1 211014 and earlier Description: A denial-of-service attack in WPA2 and WPA3-SAE authentication methods allows a remote unauthenticated attacker to disconnect an already connected wireless client via sending wireless...

CVSS 7.8 | AI score 7.5 | EPSS 0.01958
Exploits: 0 | References: 4

OSV
added 2021/11/24 1:15 a.m. | 1 views

ALPINE-CVE-2021-28708

PoD operations on misaligned GFNs. This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. x86 HVM and PVH guests may be started in populate-on-demand (PoD) mode, to provide a way for them to later easily have more memory assigne...

CVSS 8.8 | AI score 7.3 | EPSS 0.00086
Exploits: 0 | References: 1

OSV
added 2021/11/24 1:15 a.m. | 1 views

UBUNTU-CVE-2021-28704

PoD operations on misaligned GFNs. This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. x86 HVM and PVH guests may be started in populate-on-demand (PoD) mode, to provide a way for them to later easily have more memory assigne...

CVSS 8.8 | AI score 5.8 | EPSS 0.00086
Exploits: 0 | References: 3

OSV
added 2021/11/24 1:15 a.m. | 0 views

UBUNTU-CVE-2021-28707

PoD operations on misaligned GFNs. This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. x86 HVM and PVH guests may be started in populate-on-demand (PoD) mode, to provide a way for them to later easily have more memory assigne...

CVSS 8.8 | AI score 5.8 | EPSS 0.00086
Exploits: 0 | References: 3

Veracode
added 2021/11/17 10:38 p.m. | 46 views

Packet Injection

kernel is vulnerable to packet injection. The vulnerability exists because the WEP, WPA, WPA2, and WPA3 implementations accept second or subsequent broadcast fragments even when sent in plaintext and process them as full unfragmented frames...

CVSS 6.5 | AI score 2.1 | EPSS 0.01213
Exploits: 0 | References: 9 | Affected Software: 2