200 matches found
The vulnerability of the ASP Bootloader component of AMD’s microprogramming software allows a hacker to disclose sensitive information or cause system failures.
The vulnerability of the ASP Bootloader microprogramming system for AMD processors is related to the state of competition. Exploiting this vulnerability can allow attackers to disclose protected information or cause malfunctions in the system...
CVE-2023-49394
Zentao versions 4.1.3 and before has a URL redirect vulnerability, which prevents the system from functioning properly...
CVE-2023-49394
Zentao versions 4.1.3 and before has a URL redirect vulnerability, which prevents the system from functioning properly...
CVE-2023-34326
The caching invalidation guidelines from the AMD-Vi specification 48882—Rev 3.07-PUB—Oct 2022 is incorrect on some hardware, as devices will malfunction see stale DMA mappings if some fields of the DTE are updated but the IOMMU TLB is not flushed. Such stale DMA mappings can point to memory range...
CVE-2023-34326
The caching invalidation guidelines from the AMD-Vi specification 48882—Rev 3.07-PUB—Oct 2022 is incorrect on some hardware, as devices will malfunction see stale DMA mappings if some fields of the DTE are updated but the IOMMU TLB is not flushed. Such stale DMA mappings can point to memory range...
Memory corruption
The caching invalidation guidelines from the AMD-Vi specification 48882—Rev 3.07-PUB—Oct 2022 is incorrect on some hardware, as devices will malfunction see stale DMA mappings if some fields of the DTE are updated but the IOMMU TLB is not flushed. Such stale DMA mappings can point to memory range...
CVE-2023-34326 x86/AMD: missing IOMMU TLB flushing
The caching invalidation guidelines from the AMD-Vi specification 48882—Rev 3.07-PUB—Oct 2022 is incorrect on some hardware, as devices will malfunction see stale DMA mappings if some fields of the DTE are updated but the IOMMU TLB is not flushed. Such stale DMA mappings can point to memory range...
CVE-2023-34326
CVE-2023-34326 concerns AMD-Vi (IOMMU) caching invalidation. The AMD-Vi specification guides improper invalidation: if DTE fields are updated but the IOMMU TLB is not flushed, devices may cause stale DMA mappings. These mappings can reference memory ranges not owned by the guest, potentially expo...
CVE-2023-34326 x86/AMD: missing IOMMU TLB flushing
The caching invalidation guidelines from the AMD-Vi specification 48882—Rev 3.07-PUB—Oct 2022 is incorrect on some hardware, as devices will malfunction see stale DMA mappings if some fields of the DTE are updated but the IOMMU TLB is not flushed. Such stale DMA mappings can point to memory range...
Restoration with backup file doesn't work issue
Restore by backup file does not work correctly in NetScaler...
CVE-2023-28811
There is a buffer overflow in the password recovery feature of Hikvision NVR/DVR models. If exploited, an attacker on the same local area network LAN could cause the device to malfunction by sending specially crafted packets to an unpatched device...
Buffer overflow
There is a buffer overflow in the password recovery feature of Hikvision NVR/DVR models. If exploited, an attacker on the same local area network LAN could cause the device to malfunction by sending specially crafted packets to an unpatched device...
CVE-2023-28811
There is a buffer overflow in the password recovery feature of Hikvision NVR/DVR models. If exploited, an attacker on the same local area network LAN could cause the device to malfunction by sending specially crafted packets to an unpatched device...
CVE-2023-6097
A SQL injection vulnerability has been found in ICS Business Manager, affecting version 7.06.0028.7089. This vulnerability could allow a remote user to send a specially crafted SQL query and retrieve all the information stored in the database. The data could also be modified or deleted, causing t...
Sql injection
A SQL injection vulnerability has been found in ICS Business Manager, affecting version 7.06.0028.7089. This vulnerability could allow a remote user to send a specially crafted SQL query and retrieve all the information stored in the database. The data could also be modified or deleted, causing t...
PT-2023-32511 · Unknown · Ics Business Manager
Name of the Vulnerable Software and Affected Versions: ICS Business Manager version 7.06.0028.7089 Description: A SQL injection issue has been discovered, allowing a remote user to send a specially crafted SQL query to retrieve all database information. The data can also be modified or deleted,...
CVE-2023-46768
Multi-thread vulnerability in the idmap module. Successful exploitation of this vulnerability may cause features to perform abnormally...
Rocky Linux 9 : rsyslog (RLSA-2022:4795)
The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:4795 advisory. - Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when octet-counted framing is used...
PT-2023-29936 · Unknown · Px4-Autopilot
Name of the Vulnerable Software and Affected Versions: PX4-Autopilot versions 1.14.0-rc1 and prior Description: The issue is related to a heap buffer overflow vulnerability in the parser function of PX4-Autopilot due to the absence of parserbuf index value checking. This can cause unexpected dron...
PT-2023-13356 · Lenovo · Lenovo Printers
Name of the Vulnerable Software and Affected Versions: Lenovo printers affected versions not specified Description: A denial-of-service issue was found in the firmware used in Lenovo printers. It occurs when users send illegal or malformed strings to an open port, triggering a denial of service...