64 matches found
UNISOC Chipsets 数据伪造问题漏洞
UNISOC Chipsets is a chipset from China's Purple Spreadtrum UNISOC. A security vulnerability exists in the UNISOC Chipsets modem module, which stems from a lack of validation of the HashMME value in the Safe Mode command...
Important: Red Hat Security Advisory: emacs security update
An update for emacs is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
SSTImap - Automatic SSTI Detection Tool With Interactive Interface
SSTImap is a penetration testing software that can check websites for Code Injection and Server-Side Template Injection vulnerabilities and exploit them, giving access to the operating system itself. This tool was developed to be used as an interactive penetration testing tool for SSTI detection...
The vulnerability of the implementation of LTE microprogramming technology in Qualcomm’s embedded chips allows a intruder to trigger a service failure.
The vulnerability of the LTE microprogramming technology implementation in Qualcomm’s embedded chips is related to deficiencies in the authentication process when processing the securityModeCommand parameter. Exploiting this vulnerability allows a malicious actor to trigger a service failure by...
CVE-2022-39202 IRC mode parameter confusion in matrix-appservice-irc
matrix-appservice-irc is an open source Node.js IRC bridge for Matrix. The Internet Relay Chat IRC protocol allows you to specify multiple modes in a single mode command. Due to a bug in the underlying matrix-org/node-irc library, affected versions of matrix-appservice-irc perform parsing of such...
CVE-2022-39202 IRC mode parameter confusion in matrix-appservice-irc
matrix-appservice-irc is an open source Node.js IRC bridge for Matrix. The Internet Relay Chat IRC protocol allows you to specify multiple modes in a single mode command. Due to a bug in the underlying matrix-org/node-irc library, affected versions of matrix-appservice-irc perform parsing of such...
CVE-2021-35082
Improper integrity check can lead to race condition between tasks PDCP and RRC? right after a valid RRC security mode command packet has been received in Snapdragon Industrial IOT...
CVE-2021-30344
CVE-2021-30344 involves improper authorization of a replayed LTE security mode command that can cause a denial of service in Qualcomm Snapdragon devices. The vulnerability is described under Qualcomm closed-source components; public details on affected products, versions, or a concrete fix are no...
PT-2022-10007 · Qualcomm · Qualcomm Snapdragon
Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon affected versions not specified Description: The issue is related to improper authorization of a replayed LTE security mode command, which can lead to a denial of service. This affects various Qualcomm Snapdragon products,...
ruby: FTP PASV command response can cause Net::FTP to connect to arbitrary host
Ruby's Net::FTP module trusted the IP address included in the FTP server's response to the PASV command. A malicious FTP server could use this to make Ruby applications using the Net::FTP module to connect to arbitrary hosts and use this to perform port scanning or information extraction from...
The vulnerability of the FTM command implementation in Qualcomm’s embedded software allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the FTM command implementation in Qualcomm’s embedded software is caused by buffer overflow. Exploiting this vulnerability can allow attackers to compromise the confidentiality, integrity, and accessibility of the protected information...
CVE-2021-25471
A lack of replay attack protection in Security Mode Command process prior to SMR Oct-2021 Release 1 can lead to denial of service on mobile network connection and battery depletion...
CVE-2021-25471
A lack of replay attack protection in Security Mode Command process prior to SMR Oct-2021 Release 1 can lead to denial of service on mobile network connection and battery depletion...
Design/Logic Flaw
A lack of replay attack protection in Security Mode Command process prior to SMR Oct-2021 Release 1 can lead to denial of service on mobile network connection and battery depletion...
CVE-2021-25471
The vulnerability CVE-2021-25471 affects Samsung devices in the Security Mode Command (SMC) processing path where replay protection is missing. This lack of replay attack protection can cause denial of service to mobile network connections and result in battery depletion. Documented impact is tie...
CVE-2021-25471
A lack of replay attack protection in Security Mode Command process prior to SMR Oct-2021 Release 1 can lead to denial of service on mobile network connection and battery depletion...
PT-2021-7399 · Qualcomm · Snapdragon Connectivity +6
Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables affected versions not specified Description: The issue is related to improper...
CVE-2008-1501
The sendusermode function in suser.c in 1 Undernet ircu 2.10.12.12 and earlier, 2 snircd 1.3.4 and earlier, and unspecified other ircu derivatives allows remote attackers to cause a denial of service daemon crash via a malformed MODE command...
CVE-2008-1501
The sendusermode function in suser.c in 1 Undernet ircu 2.10.12.12 and earlier, 2 snircd 1.3.4 and earlier, and unspecified other ircu derivatives allows remote attackers to cause a denial of service daemon crash via a malformed MODE command...
CVE-2008-1501
The sendusermode function in suser.c in 1 Undernet ircu 2.10.12.12 and earlier, 2 snircd 1.3.4 and earlier, and unspecified other ircu derivatives allows remote attackers to cause a denial of service daemon crash via a malformed MODE command...