1305 matches found
CVE-2024-38403
CVE-2024-38403 affects Qualcomm closed‑source WLAN firmware components. It describes a transient denial‑of‑service that occurs when parsing the BTM ML IE if the per‑STA profile is not included. The entry assigns a high impact and network‑level exposure with low attack complexity and no user inter...
CVE-2024-38403 Buffer Over-read in WLAN Firmware
Transient DOS while parsing BTM ML IE when per STA profile is not included...
CVE-2024-38403 Buffer Over-read in WLAN Firmware
Transient DOS while parsing BTM ML IE when per STA profile is not included...
CVE-2024-33068 Use After Free in WLAN Host Communication
Transient DOS while parsing fragments of MBSSID IE from beacon frame...
CVE-2024-33068
CVE-2024-33068 is a vulnerability described as a transient DoS during parsing of MBSSID IE fragments in beacon frames. Public sources (NVD, Red Hat, CVE list) tie it to WLAN host communication and a use-after-free style issue in Qualcomm chipsets, with base scores: NVD 6.5 (MEDIUM) and CNA 7.5 (H...
CVE-2024-33068 Use After Free in WLAN Host Communication
Transient DOS while parsing fragments of MBSSID IE from beacon frame...
North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware
The North Korean threat actor known as ScarCruft has been linked to the zero-day exploitation of a now-patched security flaw in Windows to infect devices with malware known as RokRAT. The vulnerability in question is CVE-2024-38178 CVSS score: 7.5, a memory corruption bug in the Scripting Engine...
CVE-2024-33071
Transient DOS while parsing the MBSSID IE from the beacons when IE length is 0...
CVE-2024-33070
Transient DOS while parsing ESP IE from beacon/probe response frame...
CVE-2024-33073
CVE-2024-33073 corresponds to a Buffer Over-read in WLAN Host Communication affecting Qualcomm chipsets. The vulnerability causes information disclosure during parsing of the BSS parameter change count and MLD capabilities fields within the ML IE. Affected product scope is not exhaustively listed...
CVE-2024-33073 Buffer Over-read in WLAN Host Communication
Information disclosure while parsing the BSS parameter change count or MLD capabilities fields of the ML IE...
CVE-2024-33073 Buffer Over-read in WLAN Host Communication
Information disclosure while parsing the BSS parameter change count or MLD capabilities fields of the ML IE...
CVE-2024-33071 Buffer Over-read in WLAN Host Communication
Transient DOS while parsing the MBSSID IE from the beacons when IE length is 0...
CVE-2024-33071 Buffer Over-read in WLAN Host Communication
Transient DOS while parsing the MBSSID IE from the beacons when IE length is 0...
CVE-2024-33070 Buffer Over-read in WLAN Host Communication
Transient DOS while parsing ESP IE from beacon/probe response frame...
CVE-2024-33070 Buffer Over-read in WLAN Host Communication
Transient DOS while parsing ESP IE from beacon/probe response frame...
CVE-2024-33049 Buffer Over-read in WLAN Host Communication
Transient DOS while parsing noninheritance IE of Extension element when length of IE is 2 of beacon frame...
CVE-2024-9125
The kingIE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject...
PT-2024-39447 · WordPress · King Ie
Name of the Vulnerable Software and Affected Versions: king IE plugin for WordPress version 1.0 and earlier Description: The issue is related to Stored Cross-Site Scripting via SVG File uploads due to insufficient input sanitization and output escaping. This allows authenticated attackers with...
WordPress plugin king_IE 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability...