kernel: rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel lacks a certain upper-bound check, leading to a buffer overflow

A flaw was found in the Linux kernel's implementation of the RealTek wireless drivers WiFi-direct or WiFi peer-to-peer driver implementation. When the RealTek wireless networking hardware is configured to accept WiFi-Direct or WiFi P2P connections, an attacker within the wireless network...

AZL-6833 CVE-2018-21035 affecting package qt5-qtsvg for versions less than 5.12.11-3

In Qt through 5.14.1, the WebSocket implementation accepts up to 2GB for frames and 2GB for messages. Smaller limits cannot be configured. This makes it easier for attackers to cause a denial of service memory consumption...

Billions of Devices Open to Wi-Fi Eavesdropping Attacks

SAN FRANCISCO — A serious vulnerability in Wi-Fi chips has been discovered that affects billions of devices worldwide, according to researchers. It allows attackers to eavesdrop on Wi-Fi communications. The bug CVE-2019-15126 stems from the use of an all-zero encryption key in chips made by...

CVE-2019-16336

The Bluetooth Low Energy implementation in Cypress PSoC 4 BLE component 3.61 and earlier processes data channel frames with a payload length larger than the configured link layer maximum RX payload size, which allows attackers in radio range to cause a denial of service crash via a crafted BLE Li...

Buffer overflow

The Bluetooth Low Energy BLE stack implementation on Cypress PSoC 4 through 3.62 devices does not properly restrict the BLE Link Layer header and executes certain memory contents upon receiving a packet with a Link Layer ID LLID equal to zero. This allows attackers within radio range to cause...

Design/Logic Flaw

A vulnerability exists in nw.js before 0.11.3 when calling nw methods from normal frames, which has an unspecified impact...

HTTP/2: flood using PING frames results in unbounded memory growth

A flaw was found in HTTP/2. Using PING frames and queuing of response PING ACK frames, a flood attack could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...

HTTP/2: flood using HEADERS frames results in unbounded memory growth

A flaw was found in HTTP/2. Using HEADER frames with invalid HTTP headers and queuing of response RSTSTREAM frames, an attacker could cause a flood resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...

PT-2020-4061 · Nghttp2 +9 · Nghttp2 +9

Name of the Vulnerable Software and Affected Versions: nghttp2 versions prior to 1.41.0 Description: The issue is related to the handling of HTTP/2 SETTINGS frames in nghttp2, where an overly large frame payload can cause a denial of service. A malicious client can construct a SETTINGS frame with...

SUSE SLES12 Security Update : nodejs12 (SUSE-SU-2020:0059-1) (0-Length Headers Leak) (Data Dribble) (Empty Frames Flood) (Internal Data Buffering) (Ping Flood) (Reset Flood) (Resource Loop) (Settings Flood)

This update for nodejs12 fixes the following issues : Update to LTS release 12.13.0 jscSLE-8947. Security issues fixed : CVE-2019-9511: Fixed the HTTP/2 implementation that was vulnerable to window size manipulations bsc1146091. CVE-2019-9512: Fixed the HTTP/2 implementation that was vulnerable t...

Security Bulletin: A security vulnerability has been identified in nginx shipped with PowerAI Vision

Summary Multiple vulnerabilities CVE-2019-9516, CVE-2019-9515, CVE-2019-9517, CVE-2019-9518, CVE-2019-9511, CVE-2019-9513 in nginx Vulnerability Details CVEID: CVE-2019-9516 DESCRIPTION: Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service. The...

NewStart CGSL CORE 5.05 / MAIN 5.05 : spice-gtk Vulnerability (NS-SA-2019-0257)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has spice-gtk packages installed that are affected by a vulnerability: - Multiple integer overflow and buffer overflow issues were discovered in spice-client's handling of LZ compressed frames. A malicious server could cause th...

CVE-2018-10893

Multiple integer overflow and buffer overflow issues were discovered in spice-client's handling of LZ compressed frames. A malicious server could cause the client to crash or, potentially, execute arbitrary code...

HTTP/2: flood using PING frames results in unbounded memory growth

A flaw was found in HTTP/2. Using PING frames and queuing of response PING ACK frames, a flood attack could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...

HTTP/2: flood using HEADERS frames results in unbounded memory growth

A flaw was found in HTTP/2. Using HEADER frames with invalid HTTP headers and queuing of response RSTSTREAM frames, an attacker could cause a flood resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...

HTTP/2: flood using SETTINGS frames results in unbounded memory growth

A flaw was found in HTTP/2. Using SETTINGS frames and queuing of SETTINGS ACK frames, a flood could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...

Red Hat JBoss Enterprise Application Platform 7.x < 7.2.5 Multiple Vulnerabilities

The version of Red Hat JBoss Enterprise Application Platform EAP installed on the remote host is 7.x prior to 7.2.5. It is therefore, affected my multiple vulnerabilities as referenced in the RHSA-2019:4021 advisory: - undertow: HTTP/2: large amount of data requests leads to denial of service...

Security Bulletin: IBM Cloud Transformation Advisor is affected by a Node.js vulnerabilities

Summary IBM Cloud Transformation Advisor has addressed the following vulnerabilities in Node.js CVE-2019-9511, CVE-2019-9516, CVE-2019-9512, CVE-2019-9517, CVE-2019-9518, CVE-2019-9515, CVE-2019-9513, CVE-2019-9514 Vulnerability Details CVEID: CVE-2019-9511 DESCRIPTION: Some HTTP/2 implementation...

HTTP/2: flood using PING frames results in unbounded memory growth

A flaw was found in HTTP/2. Using PING frames and queuing of response PING ACK frames, a flood attack could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...

HTTP/2: flood using HEADERS frames results in unbounded memory growth

A flaw was found in HTTP/2. Using HEADER frames with invalid HTTP headers and queuing of response RSTSTREAM frames, an attacker could cause a flood resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...