CVE-2023-33105 Configuration Issue in WLAN Host and Firmware

Transient DOS in WLAN Host and Firmware when large number of open authentication frames are sent with an invalid transaction sequence number...

CVE-2023-33105 Configuration Issue in WLAN Host and Firmware

Transient DOS in WLAN Host and Firmware when large number of open authentication frames are sent with an invalid transaction sequence number...

PT-2024-12411 · Wlan Host +1 · Wlan Host +1

Name of the Vulnerable Software and Affected Versions: WLAN Host and Firmware affected versions not specified Description: The issue is related to a transient Denial of Service DOS in WLAN Host and Firmware. This occurs when a large number of open authentication frames are sent with an invalid...

Qualcomm Chipsets Security Vulnerability

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from a denial of service in the WLAN host and firmware when a large number of open authentication frames with invalid transaction sequence numbers are sent...

Qualcomm Chipsets Security Vulnerability

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from memory corruption when parsing beacon/probe response frames when the AP sends more supported links in MLIE...

Qualcomm Chipsets Security Vulnerability

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that results from a denial of service when processing incorrectly formatted 802.11az Fine Time Measurement Protocol frames...

Linux kernel security vulnerabilities

The Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel that stems from an error in the calculation of the nhoff value when raw PTP Ethernet frames larger than 256 bytes in size and in 0xff mode are sent...

SUSE CVE-2024-27285

YARD is a Ruby Documentation tool. The "frames.html" file within the Yard Doc's generated documentation is vulnerable to Cross-Site Scripting XSS attacks due to inadequate sanitization of user input within the JavaScript segment of the "frames.erb" template file. This vulnerability is fixed in...

DEBIAN-CVE-2021-47064

In the Linux kernel, the following vulnerability has been resolved: mt76: fix potential DMA mapping leak With buf uninitialized in mt76dmatxqueueskbraw, its field skipunmap could potentially inherit a non-zero value from stack garbage. If this happens, it will cause DMA mappings for MCU command...

CVE-2021-47064

In the Linux kernel, the following vulnerability has been resolved: mt76: fix potential DMA mapping leak With buf uninitialized in mt76dmatxqueueskbraw, its field skipunmap could potentially inherit a non-zero value from stack garbage. If this happens, it will cause DMA mappings for MCU command...

CVE-2024-20294

A vulnerability in the Link Layer Discovery Protocol LLDP feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper handling of specific fields i...

UBUNTU-CVE-2024-27285

YARD is a Ruby Documentation tool. The "frames.html" file within the Yard Doc's generated documentation is vulnerable to Cross-Site Scripting XSS attacks due to inadequate sanitization of user input within the JavaScript segment of the "frames.erb" template file. This vulnerability is fixed in...

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird lies in incorrect restrictions on the number of user interface layers or frames that can be displayed. This allows attackers to execute arbitrary code.

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to an incorrect limitation on the number of user interface layers or frames that can be displayed. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

DEBIAN-CVE-2024-27285

YARD is a Ruby Documentation tool. The "frames.html" file within the Yard Doc's generated documentation is vulnerable to Cross-Site Scripting XSS attacks due to inadequate sanitization of user input within the JavaScript segment of the "frames.erb" template file. This vulnerability is fixed in...

PT-2024-21793 · Yard +4 · Yard +4

Name of the Vulnerable Software and Affected Versions: YARD versions prior to 0.9.36 Description: The "frames.html" file within the Yard Doc's generated documentation is vulnerable to Cross-Site Scripting XSS attacks due to inadequate sanitization of user input within the JavaScript segment of th...

CVE-2023-6533

Malformed Device Reset Locally Command Class packets can be sent to the controller, causing the controller to assume the end device has left the network. After this, frames sent by the end device will not be acknowledged by the controller. This vulnerability exists in PC Controller v5.54.0, and...

CVE-2023-6533 Silicon Labs PC Controller Denial of Service Vulnerability

Malformed Device Reset Locally Command Class packets can be sent to the controller, causing the controller to assume the end device has left the network. After this, frames sent by the end device will not be acknowledged by the controller. This vulnerability exists in PC Controller v5.54.0, and...

SUSE CVE-2024-1580

An integer overflow in dav1d AV1 decoder that can occur when decoding videos with large frame size. This can lead to memory corruption within the AV1 decoder. We recommend upgrading past version 1.4.0 of dav1d...

PT-2024-14999 · Unknown · Pc Controller

Name of the Vulnerable Software and Affected Versions: PC Controller versions prior to 5.54.0 Description: The issue arises from malformed Device Reset Locally Command Class packets being sent to the controller. This causes the controller to incorrectly assume that the end device has left the...

Fedora 38 : syncthing (2024-b93312a597)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-b93312a597 advisory. Update to version 1.27.3. Release notes: https://github.com/syncthing/syncthing/releases/tag/v1.27.3 This update also addresses CVE-2023-49295 in quic-go:...