PT-2025-27621 · Infinera · G42

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue concerns a service exposed on a specific TCP port with a configured endpoint that uses Basic Authentication. This endpoint is vulnerable to Directory Traversal attacks, allowing...

The vulnerabilities of the disable_show() and disable_store() functions in the Linux kernel USB driver allow attackers to compromise the integrity and accessibility of protected information.

The vulnerability of the disableshow and disablestrore functions in the drivers/usb/core/port.c file of the Linux kernel’s USB driver is related to the use of a zero pointer. Exploiting this vulnerability could allow an attacker to compromise the integrity and accessibility of the protected...

SUSE CVE-2010-0309

The pitioportread function in the Programmable Interval Timer PIT emulation in i8254.c in KVM 83 does not properly use the pitstate data structure, which allows guest OS users to cause a denial of service host OS crash or hang by attempting to read the /dev/port file...

CVE-2022-23971

ASUS RT-AX56U’s updatePLC/PORT file has a path traversal vulnerability due to insufficient filtering for special characters in the URL parameter. An unauthenticated LAN attacker can overwrite a system file by uploading another PLC/PORT file with the same file name, which results in service...

ASUS RT-AX56U 路径遍历漏洞

The ASUS RT-AX56U is a wireless router from ASUS of Taiwan, China. A path traversal vulnerability exists in the ASUS RT-AX56U updatePLC/PORT file, which can be exploited by an attacker to overwrite system files by uploading another PLC/PORT file with the same filename, resulting in a service...

The pit_ioport_read function in the Programmable Interval Timer (PIT) emulation in i8254.c in KVM 83 does not properly use the pit_state data structure which allows guest OS users to cause a denial of service (host OS crash or hang) by attempting to read the /dev/port file.

...

ibacm: ibacm service files created with world writable permissions (DoS)

ibacm 1.0.7 creates files with world-writable permissions, which allows local users to overwrite the ibacm daemon log or ibacm.port file...

PT-2012-5456 · Intel +2 · Ibacm +2

Name of the Vulnerable Software and Affected Versions: ibacm version 1.0.7 Description: The issue allows local users to overwrite the ib acm daemon log or ibacm.port file due to world-writable permissions set by ibacm 1.0.7. Recommendations: For ibacm version 1.0.7, consider changing the file...

Design/Logic Flaw

The pitioportread function in the Programmable Interval Timer PIT emulation in i8254.c in KVM 83 does not properly use the pitstate data structure, which allows guest OS users to cause a denial of service host OS crash or hang by attempting to read the /dev/port file...

CVE-2010-0309

The pitioportread function in the Programmable Interval Timer PIT emulation in i8254.c in KVM 83 does not properly use the pitstate data structure, which allows guest OS users to cause a denial of service host OS crash or hang by attempting to read the /dev/port file...