884 matches found
GL.iNet AX1800 Security Vulnerability
The GL.iNet AX1800 is a wireless router from China's Guanglian Zhitong GL.iNet. A security vulnerability exists in the GL.iNet AX1800 version 4.0.0 prior to 4.5.0, which originated from a vulnerability that allows attackers to execute arbitrary code via the upload API function...
PT-2023-30460 · Gl.Inet · Gl-Inet Ax1800
Name of the Vulnerable Software and Affected Versions: GL.iNet AX1800 versions 4.0.0 through 4.4.x Description: The issue allows a remote attacker to execute arbitrary code via a crafted script to the gl nas sys authentication function. This enables the attacker to potentially gain unauthorized...
PT-2023-30459 · Gl.Inet · Gl-Inet Ax1800
Name of the Vulnerable Software and Affected Versions: GL.iNet AX1800 versions 3.215 and before Description: The issue allows a remote attacker to execute arbitrary code via the file sharing function. This is due to an Insecure Permissions vulnerability. Recommendations: For versions 3.215 and...
CLSA-2023-1697744683 Fix of 8 CVEs
CVE-url: https://ubuntu.com/security/CVE-2023-42755 - net/sched: Retire rsvp classifier CVE-url: https://ubuntu.com/security/CVE-2023-39194 - net: xfrm: Fix xfrmaddressfilter OOB read CVE-url: https://ubuntu.com/security/CVE-2023-39192 - netfilter: xtu32: validate user space input CVE-url:...
CLSA-2023-1697744503 Fix of 7 CVEs
CVE-url: https://ubuntu.com/security/CVE-2023-42755 - net/sched: Retire rsvp classifier CVE-url: https://ubuntu.com/security/CVE-2023-39194 - net: xfrm: Fix xfrmaddressfilter OOB read CVE-url: https://ubuntu.com/security/CVE-2023-39192 - netfilter: xtu32: validate user space input CVE-url:...
glibc: potential use-after-free in gaih_inet()
A flaw has been identified in glibc. In an uncommon situation, the gaihinet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with...
glibc: potential use-after-free in gaih_inet()
A flaw has been identified in glibc. In an uncommon situation, the gaihinet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with...
SUSE CVE-2023-4813
A flaw has been identified in glibc. In an uncommon situation, the gaihinet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with...
glibc Resource Management Error Vulnerability
glibc GNU C Library is a C standard library implemented by a GNU project of the GNU community. A resource management error vulnerability exists in glibc, which stems from the fact that the gaihinet function may use freed memory, causing the application to crash...
PT-2023-4960 · D Link · D-Link Dir-868L
Name of the Vulnerable Software and Affected Versions: D-Link DIR-868L version fw revA 1-12 eu multi 20170316 Description: The issue is caused by a buffer overflow on the stack in the inet ntoa function. This can be exploited by a remote attacker to cause a buffer overflow. The buffer overflow...
c-ares: Buffer Underwrite in ares_inet_net_pton()
A vulnerability was found in c-ares. This issue occurs in the aresinetnetpton function, which is vulnerable to a buffer underflow for certain ipv6 addresses. "0::00:00:00/2" in particular was found to cause an issue. C-ares only uses this function internally for configuration purposes, which woul...
c-ares: Buffer Underwrite in ares_inet_net_pton()
A vulnerability was found in c-ares. This issue occurs in the aresinetnetpton function, which is vulnerable to a buffer underflow for certain ipv6 addresses. "0::00:00:00/2" in particular was found to cause an issue. C-ares only uses this function internally for configuration purposes, which woul...
PT-2023-19503 · Gl.Inet · Gl-E750 Mudi
Name of the Vulnerable Software and Affected Versions: GL.iNET GL-E750 Mudi versions prior to v3.216 Description: A vulnerability in the software allows authenticated attackers to execute arbitrary code via a crafted POST request. Recommendations: For versions prior to v3.216, update to firmware...
OESA-2023-1357 c-ares security update
Security Fixes: c-ares is an asynchronous resolver library. aresinetnetpton is vulnerable to a buffer underflow for certain ipv6 addresses, in particular "0::00:00:00/2" was found to cause an issue. C-ares only uses this function internally for configuration purposes which would require an...
CVE-2023-30903
HP-UX could be exploited locally to create a Denial of Service DoS when any physical interface is configured with IPv6/inet6...
CVE-2023-33620
GL.iNET GL-AR750S-Ext firmware v3.215 uses an insecure protocol in its communications which allows attackers to eavesdrop via a man-in-the-middle attack...
CVE-2023-33620
GL.iNET GL-AR750S-Ext firmware v3.215 uses an insecure protocol in its communications which allows attackers to eavesdrop via a man-in-the-middle attack...
GL.iNet GL-AR750S-Ext 安全漏洞
The GL.iNet GL-AR750S-Ext is a wireless router from China's Guanglian Zhitong GL.iNet. A security vulnerability exists in the GL.iNet GL-AR750S-Ext version 3.215, which originates from the insertion of an administrator authentication token into a GET request when downloading the OpenVPN server...
GL.iNet GL-AR750S-Ext 安全漏洞
The GL.iNet GL-AR750S-Ext is a wireless router from China's GL.iNet. A security vulnerability exists in the GL.iNet GL-AR750S-Ext version 3.215. An attacker exploited the vulnerability to eavesdrop on communications via a man-in-the-middle attack...
PT-2023-24408 · Gl.Inet · Gl-Ar750S-Ext
Name of the Vulnerable Software and Affected Versions: GL.iNET GL-AR750S-Ext firmware version 3.215 Description: The issue concerns the insertion of the admin authentication token into a GET request when the OpenVPN Server config file is downloaded. This token is then left in the browser history ...