52 matches found

RedhatCVE
added 2025/05/22 7:8 p.m. · 6 views

CVE-2021-20793

Untrusted search path vulnerability in the installer of Sony Audio USB Driver V1.10 and prior and the installer of HAP Music Transfer Ver.1.3.0 and prior allows an attacker to gain privileges and execute arbitrary code via a Trojan horse DLL in an unspecified directory...

CVSS 7.8 · AI score 7.9 · EPSS 0.00205
Exploits 0 · References 1

BDU FSTEC
added 2023/10/28 12:0 a.m. · 2 views

The vulnerability of the SSH daemon on the RouterOS operating system, specifically the hAP lite router, allows a hacker to cause a service failure.

The vulnerability of the SSH daemon in the RouterOS operating system, specifically the hAP lite router, is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service interruptions remotely...

CVSS 7.8 · AI score 7.1 · EPSS 0.00089
Exploits 1 · References 4 · Affected Software 1

CVE
added 2023/04/17 6:34 p.m. · 54 views

CVE-2023-29004

CVE-2023-29004 affects hap-wi/roxy-wi (Roxy-WI) web interface. Versions around 6.3.9.0 and earlier are vulnerable. The flaw is a path traversal in the /app/modules/config/config.py get_config function, which only checks for relative traversals yet allows reading files from absolute paths supplied...

CVSS 6.5 · AI score 6.4 · EPSS 0.00432
Exploits 1 · References 1 · Affected Software 1

NVD
added 2023/03/10 11:15 a.m. · 11 views

CVE-2023-25947

The bundle management subsystem within OpenHarmony-v3.1.4 and prior versions has a null pointer reference vulnerability which local attackers can exploit to cause a DoS attack to the system when installing a malicious HAP package...

CVSS 6.2 · AI score 6.2 · EPSS 0.00048
Exploits 0 · References 1

OSV
added 2023/03/10 11:15 a.m. · 1 views

CVE-2023-25947

The bundle management subsystem within OpenHarmony-v3.1.4 and prior versions has a null pointer reference vulnerability which local attackers can exploit to cause a DoS attack to the system when installing a malicious HAP package...

CVSS 5.5 · AI score 6.1
Exploits 0 · References 1

Prion
added 2023/03/10 11:15 a.m. · 12 views

Null pointer dereference

The bundle management subsystem within OpenHarmony-v3.1.4 and prior versions has a null pointer reference vulnerability which local attackers can exploit to cause a DoS attack to the system when installing a malicious HAP package...

CVSS 1.7 · AI score 5.4 · EPSS 0.00048
Exploits 0 · References 1 · Affected Software 1

Cvelist
added 2023/03/10 10:45 a.m. · 14 views

CVE-2023-25947: The bundle management subsystem has an improper input validation when installing a HAP package.

The bundle management subsystem within OpenHarmony-v3.1.4 and prior versions has a null pointer reference vulnerability which local attackers can exploit to cause a DoS attack to the system when installing a malicious HAP package...

CVSS 6.2 · AI score 6.4 · EPSS 0.00048
Exploits 0 · References 1

Positive Technologies
added 2023/03/10 12:0 a.m. · 3 views

PT-2023-20378 · Unknown · Openharmony

Name of the Vulnerable Software and Affected Versions: OpenHarmony versions prior to 3.1.4

Description: The issue is related to a null pointer reference vulnerability in the bundle management subsystem. This can be exploited by local attackers to cause a denial-of-service (DoS) attack on the system...

CVSS 6.2 · AI score 7 · EPSS 0.00048
Exploits 0 · References 2

Xen Project
added 2022/04/05 12:0 p.m. · 49 views

Racy interactions between dirty vram tracking and paging log dirty hypercalls

ISSUE DESCRIPTION: Activation of log dirty mode done by XEN_DMOP_track_dirty_vram (was named HVMOP_track_dirty_vram before Xen 4.9) is racy with ongoing log dirty hypercalls. A suitably timed call to XEN_DMOP_track_dirty_vram can enable log dirty while another CPU is still in the process of tearing down the...

CVSS 5.6 · AI score 0.5 · EPSS 0.00048
Exploits 0 · Affected Software 1

NVD
added 2021/08/26 2:15 a.m. · 12 views

CVE-2021-20793

Untrusted search path vulnerability in the installer of Sony Audio USB Driver V1.10 and prior and the installer of HAP Music Transfer Ver.1.3.0 and prior allows an attacker to gain privileges and execute arbitrary code via a Trojan horse DLL in an unspecified directory...

CVSS 7.8 · EPSS 0.00205
Exploits 0 · References 4

OSV
added 2021/08/26 2:15 a.m. · 1 views

CVE-2021-20793

Untrusted search path vulnerability in the installer of Sony Audio USB Driver V1.10 and prior and the installer of HAP Music Transfer Ver.1.3.0 and prior allows an attacker to gain privileges and execute arbitrary code via a Trojan horse DLL in an unspecified directory...

CVSS 7.8 · AI score 7.4 · EPSS 0.00205
Exploits 0 · References 4

Prion
added 2021/08/26 2:15 a.m. · 16 views

Design/Logic Flaw

Untrusted search path vulnerability in the installer of Sony Audio USB Driver V1.10 and prior and the installer of HAP Music Transfer Ver.1.3.0 and prior allows an attacker to gain privileges and execute arbitrary code via a Trojan horse DLL in an unspecified directory...

CVSS 4.4 · AI score 8 · EPSS 0.00205
Exploits 0 · References 4 · Affected Software 2

Cvelist
added 2021/08/26 1:20 a.m. · 13 views

CVE-2021-20793

Untrusted search path vulnerability in the installer of Sony Audio USB Driver V1.10 and prior and the installer of HAP Music Transfer Ver.1.3.0 and prior allows an attacker to gain privileges and execute arbitrary code via a Trojan horse DLL in an unspecified directory...

AI score 8.2 · EPSS 0.00205
Exploits 0 · References 4

CVE
added 2021/08/26 1:20 a.m. · 172 views

CVE-2021-20793

CVE-2021-20793 affects the installers for Sony Audio USB Driver (V1.10 and earlier) and HAP Music Transfer (V1.3.0 and earlier), due to a DLL search path issue that can cause loading of Trojan DLLs. This untrusted-search-path flaw may allow arbitrary code execution with the privileges of the user...

CVSS 7.8 · AI score 8 · EPSS 0.00205
Exploits 0 · References 4 · Affected Software 1

Citrix
added 2020/11/09 12:0 a.m. · 35 views

Citrix Hypervisor Security Update

Description of Problem: Two issues have been identified in Citrix Hypervisor that may, if exploited, allow privileged code in an HVM guest VM to compromise or crash the host. These issues only apply in specific configurations; furthermore, Citrix believes that there would be significant difficulty...

CVSS 8.8 · AI score 6.9 · EPSS 0.00076
Exploits 0 · Affected Software 2

RedhatCVE
added 2020/10/23 7:5 p.m. · 22 views

CVE-2020-27672

A race condition flaw was found in the Xen code responsible for handling the updating of the hypervisor's own page tables. This flaw allows a malicious guest to cause a denial of service, host data corruption, or potential privilege escalation. The highest threat from this vulnerability is to...

CVSS 7.8 · AI score 2.2 · EPSS 0.00039
Exploits 0 · References 4

vulnersOsv
added 2020/10/15 12:0 p.m. · 1 views

aesni (>=0.7.0 <=0.9.0), aries-askar (=0.1.2) +28 more potentially affected by unknown CVE via stream-cipher (>=0.4.1 <=0.7.1)

stream-cipher CARGO version =0.4.1, =0.7.0, =0.1.1, =0.1.1, =0.1.0, =0.4.0, =0.5.0, =0.2.0, =0.1.1, =0.1.0, =0.1.0, =0.1.0-pre.1, =0.1.0, =0.3.1, =0.3.9 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2020-0058...

AI score 5.8
Exploits 0

Openbugbounty
added 2018/12/18 1:42 p.m. · 10 views

hap-guide.co.uk XSS vulnerability

Open Bug Bounty ID: OBB-712323

Affected Website: hap-guide.co.uk
Open Bug Bounty Program: Create your bounty program now. It's open and free.
Vulnerable Application: hidden until disclosure
Vulnerability Type: XSS (Cross Site Scripting) / CWE-79
CVSSv3 Score: hidden...

AI score 0.1
Exploits 0

Tenable Nessus
added 2017/11/30 12:0 a.m. · 33 views

Xen Hypervisor Infinite Loop Guest-to-Host DoS (XSA-246)

According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by an infinite loop guest-to-host denial of service vulnerability. This issue only affects x86 systems that have 2MiB or 1GiB HAP pages enabled. ARM systems are not affected. x86 PV VMs can...

CVSS 6.5 · AI score 7.4 · EPSS 0.00051
Exploits 0 · References 3

myhack58
added 2017/08/29 12:0 a.m. · 17 views

Intel processors now have a security vulnerability that hackers can use as a backdoor - vulnerability warning - the black bar safety net

Recently, a report from the Moscow security research firm Positive Technologies noted that Intel Management Engine 11 has a kill switch that can be used by hackers to steal. The Management Engine is an Intel firmware interface for communication between the processor and peripheral chips, therm...

AI score 1.8
Exploits 0