CVE-2023-5310

A denial of service vulnerability exists in all Silicon Labs Z-Wave controller and endpoint devices running Z-Wave SDK v7.20.3 Gecko SDK v4.3.3 and earlier. This attack can be carried out only by devices on the network sending a stream of packets to the device...

Denial of service

A denial of service vulnerability exists in all Silicon Labs Z-Wave controller and endpoint devices running Z-Wave SDK v7.20.3 Gecko SDK v4.3.3 and earlier. This attack can be carried out only by devices on the network sending a stream of packets to the device...

CVE-2023-49587 Command Injection vulnerability in SAP Solution Manager

SAP Solution Manager - version 720, allows an authorized attacker to execute certain deprecated function modules which can read or modify data of same or other component without user interaction over the network...

QNAP Systems QTS and QuTS hero Cross-Site Scripting Vulnerability

QNAP Systems QTS and QNAP Systems QuTS hero are both products of China Weilian Technology QNAP Systems, Inc.QNAP Systems QTS is an operating system for use with entry to mid-level QNAP NAS.QNAP Systems QuTS hero is an operating system. A security vulnerability exists in QNAP Systems QTS and QuTS...

PT-2023-9572

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23 Oracle GraalVM for JDK versions 17.0.12, 21.0.4, 23 Oracle GraalVM Enterprise Edition versions 20.3.15, 21.3.11 Description The issue allows an unauthenticated attacker wi...

PT-2023-29242 · Tp Link · Tp-Link Archer A54

Name of the Vulnerable Software and Affected Versions: TP-Link Archer A54 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Archer A54 routers. The specific flaw exists within the file libcmm.so...

QNAP Systems QTS and QuTS hero Operating System Command Injection Vulnerability

QNAP Systems QTS and QNAP Systems QuTS hero are both products of China Weilian Technology QNAP Systems.QNAP Systems QTS is an operating system used by entry to mid-level QNAP NAS.QNAP Systems QuTS hero is an operating system. QNAP Systems QTS and QuTS hero are vulnerable to an operating system...

SUSE CVE-2020-2770

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Logging. Supported versions that are affected are 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attac...

SUSE CVE-2020-2853

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Privileges. Supported versions that are affected are 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

SUSE CVE-2021-35608

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Group Replication Plugin. Supported versions that are affected are 8.0.26 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server...

SUSE CVE-2022-21604

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of thi...

Medium: pki-core

Issue Overview: A flaw was found in pki-core, which could allow a user to get a certificate for another user identity when directory-based authentication is enabled. This flaw allows an authenticated attacker on the adjacent network to impersonate another user within the scope of the domain, but...

OpenJDK: certificate path validation issue during client authentication (8309966)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise...

OpenJDK: memory corruption issue on x86_64 with AVX-512 (8317121)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition, product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u381-perf, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise Edition:...

QNAP QTS / QuTS hero Multiple Vulnerabilities (QSA-23-41)

The version of QNAP QTS / QuTS hero installed on the remote host is affected by multiple vulnerabilities as referenced in the QSA-23-41 advisory. - A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could...

PT-2023-6188 · Oracle +8 · Oracle Mysql Server +8

Name of the Vulnerable Software and Affected Versions: Oracle MySQL Server versions 8.0.34 and prior Oracle MySQL Server version 8.1.0 Description: The issue is related to insufficient input validation in the InnoDB component of Oracle MySQL Server, allowing a high-privileged attacker with networ...

Oracle Java SE Security Vulnerability

Oracle Java SE is an Oracle product for developing and deploying Java applications for desktops, servers, and embedded devices and real-time environments. A security vulnerability exists in Oracle GraalVM for JDK versions 17.0.8 and 20.0.2 of Oracle Java SE, which originated from a vulnerability...

PT-2023-6270

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 8u381 through 8u381-perf Oracle GraalVM Enterprise Edition versions 20.3.11 through 21.3.7 Description The vulnerability in the Oracle Java SE and Oracle GraalVM Enterprise Edition product is related to the CORBA...

Input validation

An Improper Handling of Inconsistent Special Elements vulnerability in the Junos Services Framework jsf module of Juniper Networks Junos OS allows an unauthenticated network based attacker to cause a crash in the Packet Forwarding Engine pfe and thereby resulting in a Denial of Service DoS. Upon...

CVE-2023-36841 Junos OS: MX Series: Receipt of malformed TCP traffic will cause a Denial of Service

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine pfe of Juniper Networks Junos OS on MX Series allows a unauthenticated network-based attacker to cause an infinite loop, resulting in a Denial of Service DoS. An attacker who sends malformed TCP...