28 matches found
Improper Check for Unusual or Exceptional Conditions
Overview Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions in the NudmUECM DELETE process. An attacker can obtain detailed internal error messages and implementation details by submitting invalid pduSessionId inputs remotely. Remediation...
EUVD-2019-6194
Malware in sbrugna...
EUVD-2006-7049
Malware in sbrugna...
CVE-2022-50297
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: verify the expected usbendpoints are present The bug arises when a USB device claims to be an ATH9K but doesn't have the expected endpoints. In this case there was an interrupt endpoint where the driver expected a bu...
CVE-2023-26052
Saleor is a headless, GraphQL commerce platform delivering personalized shopping experiences. Some internal Python exceptions are not handled properly and thus are returned in API as error messages. Some messages might contain sensitive information like infrastructure details in unauthenticated...
CVE-2020-26967
When listening for page changes with a Mutation Observer, a malicious web page could confuse Firefox Screenshots into interacting with elements other than those that it injected into the page. This would lead to internal errors and unexpected behavior in the Screenshots code. This vulnerability...
CVE-2022-49721 arm64: ftrace: consistently handle PLTs.
In the Linux kernel, the following vulnerability has been resolved: arm64: ftrace: consistently handle PLTs. Sometimes it is necessary to use a PLT entry to call an ftrace trampoline. This is handled by ftracemakecall and ftracemakenop, with each having almost identical logic, but this is not...
SUSE CVE-2020-3702
u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivit...
SUSE CVE-2020-26967
When listening for page changes with a Mutation Observer, a malicious web page could confuse Firefox Screenshots into interacting with elements other than those that it injected into the page. This would lead to internal errors and unexpected behavior in the Screenshots code. This vulnerability...
MITRE: CVE-2019-15126 Specifically timed and handcrafted traffic can cause internal errors (related to state transitions) in a WLAN device
An issue was discovered on Broadcom Wi-Fi client devices. Specifically timed and handcrafted traffic can cause internal errors related to state transitions in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a...
CVE-2021-4044: Invalid handling of X509_verify_cert() internal errors in libssl
A flaw was found in the way OpenSSL verified certificates via the X509verifycert function. X509verifycert fuunction may return a negative return value to indicate an internal error for example, out of memory. Such a negative return value is mishandled by OpenSSL and will cause an IO function such...
Dspace 安全漏洞
Dspace is an open source turnkey repository application from the DuraSpace community. A security vulnerability exists in DSpace versions prior to 6.4, which stems from the fact that when an "internal system error" occurs in dspace-jspui, the entire exception including the stack trace is available...
OpenSSL: Invalid handling of X509_verify_cert() internal errors (20211214) - Linux
OpenSSL is prone to an invalid handling of X509verifycert internal errors vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later Thi...
OpenSSL: Invalid handling of X509_verify_cert() internal errors (20211214) - Windows
OpenSSL is prone to an invalid handling of X509verifycert internal errors vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later Thi...
CVE-2021-4044 Invalid handling of X509_verify_cert() internal errors in libssl
Internally libssl in OpenSSL calls X509verifycert on the client side to verify a certificate supplied by a server. That function may return a negative return value to indicate an internal error for example out of memory. Such a negative return value is mishandled by OpenSSL and will cause an IO...
Invalid handling of `X509_verify_cert()` internal errors in libssl
Internally libssl in OpenSSL calls X509verifycert on the client side to verify a certificate supplied by a server. That function may return a negative return value to indicate an internal error for example out of memory. Such a negative return value is mishandled by OpenSSL and will cause an IO...
OpenSSL -- Certificate validation issue
The OpenSSL project reports: Invalid handling of X509verifycert internal errors in libssl Moderate Internally libssl in OpenSSL calls X509verifycert on the client side to verify a certificate supplied by a server. That function may return a negative return value to indicate an internal error for...
CVE-2020-26967
When listening for page changes with a Mutation Observer, a malicious web page could confuse Firefox Screenshots into interacting with elements other than those that it injected into the page. This would lead to internal errors and unexpected behavior in the Screenshots code. This vulnerability...
CVE-2020-26967
When listening for page changes with a Mutation Observer, a malicious web page could confuse Firefox Screenshots into interacting with elements other than those that it injected into the page. This would lead to internal errors and unexpected behavior in the Screenshots code. This vulnerability...
CVE-2020-26967
When listening for page changes with a Mutation Observer, a malicious web page could confuse Firefox Screenshots into interacting with elements other than those that it injected into the page. This would lead to internal errors and unexpected behavior in the Screenshots code. This vulnerability...