115 matches found
ASB-A-258741356
A wlan driver function lacks parameter checks, resulting heap overflow vulnerability...
ASB-A-258749708
A wlan driver function lacks parameter checks, resulting heap overflow vulnerability...
ASB-A-258736883
A wlan driver function lacks parameter checks, resulting heap overflow vulnerability...
ASB-A-253957344
A wlan driver function lacks parameter checks, resulting EOP issue...
ASB-A-253957345
A wlan driver function lacks parameter checks, resulting Out-of-bounds Write issues...
ASB-A-253978054
A wlan driver function lacks parameter checks, resulting Out-of-bounds Write issues...
The vulnerability of Siemens SICAM P850 and Siemens SICAM P855 multifunctional diagnostic devices lies in the improper checking of POST request parameters. This allows a perpetrator to cause malfunctions during maintenance or execute arbitrary codes.
The vulnerability of Siemens SICAM P850 and Siemens SICAM P855 multifunctional measuring devices is related to incorrect verification of POST request parameters. Exploiting this vulnerability can allow an attacker to trigger a service failure or execute arbitrary code...
The vulnerability of the CRI-O Container Engine’s application programming interface’s pinns allows a hacker to exit the container and gain root access to the host.
The vulnerability of the CRI-O Container Engine’s application programming interface’s pinns function, a software tool for managing clusters of virtual machines in Kubernetes, is related to the lack of proper checks on kernel parameters. Exploiting this vulnerability could allow an attacker to exi...
The vulnerability of the libxcb library in operating systems such as ALT Linux, ROSA Linux, and MSVSphere allows attackers to cause service failures.
The vulnerability of the libxcb library in ALT Linux, ROSA Linux, and MSVSphere operating systems is related to the lack of checks for the correctness of input parameters for the export function xcbgetpropertyvalueend. Exploiting this vulnerability can allow attackers to cause failures in...
TerraMaster TOS Dynamic Class Method Invocation Vulnerability
TerraMaster TOS is a Linux-based operating system developed for TerraMaster Cloud Storage NAS servers. A dynamic class method call vulnerability exists in include/exportUser.php in TerraMaster TOS versions prior to 4.1.29. The vulnerability stems from invalid parameter checking. An attacker can...
Zephyr Input Validation Error Vulnerability (CNVD-2020-29631)
Zephyr is an open source, small, scalable real-time operating system from the Linux Foundation. Zephyr suffers from an input validation error vulnerability that stems from the program not performing parameter validation when making multiple system calls. No details of the vulnerability are...
CVE-2019-5287
P30 smart phones with versions earlier than ELLE-AL00B 9.1.0.193C00E190R2P1 have an integer overflow vulnerability due to insufficient check on specific parameters. An attacker tricks the user into installing a malicious application, obtains the root permission and constructs specific parameters ...
bouncycastle: Other party DH public keys are not fully validated
In the Bouncy Castle JCE Provider version 1.55 and earlier the other party DH public key is not fully validated. This can cause issues as invalid keys can be used to reveal details about the other party's private key where static Diffie-Hellman is in use. As of release 1.56 the key parameters are...
Huawei TripAdvisor Catwalk App Loads Arbitrary URL Vulnerability
TripAdvisor offers a wealth of travel planning and booking features, as well as powerful offline downloads and local services, making it a "must-have" tool for your outbound travel. A load arbitrary URL vulnerability exists in the Huawei TripAdvisor Catwalk application due to insufficient paramet...
CVE-2017-8170
Huawei smart phones with software earlier than VIE-L09C40B360 versions have a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP which has the root privilege; the APP can send a specific parameter to the smart phone,...
The vulnerability of the alloc_heap_pages function in Xen hypervisors allows a attacker to execute arbitrary code or cause a service failure.
The vulnerability of the allocheappages function in Xen hypervisors arises due to insufficient checking of parameters. Exploiting this vulnerability allows a local attacker to execute arbitrary code or cause a service failure by exceeding memory limits, using the NUMA parameter for memory...
Huawei UMA Product Elevation of Privilege Vulnerability (CNVD-2017-12926)
Huawei Unified Maintenance Audit UMA is a unified IT core resource operation and maintenance management and security audit platform designed for carriers, government, finance, electric power and large enterprises. An elevation of privilege vulnerability exists in the Huawei UMA product. Due to...
Huawei UMA Product Elevation of Privilege Vulnerability (CNVD-2017-12930)
Huawei Unified Maintenance Audit UMA is a unified IT core resource operation and maintenance management and security audit platform designed for carriers, government, finance, electric power and large enterprises. An elevation of privilege vulnerability exists in the Huawei UMA product. Due to...
Huawei UMA Product Elevation of Privilege Vulnerability (CNVD-2017-12932)
Huawei Unified Maintenance Audit UMA is a unified IT core resource operation and maintenance management and security audit platform designed for carriers, government, finance, electric power and large enterprises. An elevation of privilege vulnerability exists in the Huawei UMA product. Due to...
Huawei UMA Product Elevation of Privilege Vulnerability (CNVD-2017-12925)
Huawei Unified Maintenance Audit UMA is a unified IT core resource operation and maintenance management and security audit platform designed for carriers, government, finance, electric power and large enterprises. An elevation of privilege vulnerability exists in the Huawei UMA product. Due to...