PT-2024-27984 · Qualcomm · Snapdragon +89

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: A temporary denial-of-service issue occurs when handling the CU details from the RNR information element. This results in a transient DOS while processi...

Medium: amazon-cloudwatch-agent

Issue Overview: An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed...

CVE-2024-3763

A vulnerability was found in Emlog Pro 2.2.10. It has been rated as problematic. This issue affects some unknown processing of the file /admin/tag.php of the component Post Tag Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been...

CVE-2024-23730

The OpenAPI and ChatGPT plugin loaders in LlamaHub aka llama-hub before 0.0.67 allow attackers to execute arbitrary code because safeload is not used for YAML...

PT-2023-25722 · Juniper Networks · Junos

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS on SRX 4600 and SRX 5000 Series versions 20.1R1 and later versions Juniper Networks Junos OS on SRX 4600 and SRX 5000 Series versions 20.2 through 20.2R3-S6 Juniper Networks Junos OS on SRX 4600 and SRX 5000 Series...

CVE-2023-34458 mx-chain-go's relayed transactions always increment nonce

mx-chain-go is the official implementation of the MultiversX blockchain protocol, written in golang. When executing a relayed transaction, if the inner transaction failed, it would have increased the inner transaction's sender account nonce. This could have contributed to a limited DoS attack on ...

PT-2023-4003 · Juniper Networks · Junos

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS on MX Series versions prior to 19.1R3-S10 Juniper Networks Junos OS on MX Series 19.2 versions prior to 19.2R3-S7 Juniper Networks Junos OS on MX Series 19.3 versions prior to 19.3R3-S8 Juniper Networks Junos OS on M...

GHSA-7XPV-4PM9-XCH2 mx-chain-go does not treat invalid transaction with wrong username correctly

Impact Metachain cannot process a cross-shard miniblock. An invalid transaction with the wrong username on metachain is not treated correctly on the metachain transaction processor. This is strictly a processing issue that could have happened on MultiversX chain. If an error like this had occurre...

Cross site scripting

mx-chain-go is an implementation of the MultiversX blockchain protocol written in the Go language. Metachain cannot process a cross-shard miniblock. Prior to version 1.4.16, an invalid transaction with the wrong username on metachain is not treated correctly on the metachain transaction processor...

CVE-2023-33964 mx-chain-go does not treat invalid transaction with wrong username correctly

mx-chain-go is an implementation of the MultiversX blockchain protocol written in the Go language. Metachain cannot process a cross-shard miniblock. Prior to version 1.4.16, an invalid transaction with the wrong username on metachain is not treated correctly on the metachain transaction processor...

CVE-2023-33964 mx-chain-go does not treat invalid transaction with wrong username correctly

mx-chain-go is an implementation of the MultiversX blockchain protocol written in the Go language. Metachain cannot process a cross-shard miniblock. Prior to version 1.4.16, an invalid transaction with the wrong username on metachain is not treated correctly on the metachain transaction processor...

CVE-2020-36694

An issue was discovered in netfilter in the Linux kernel before 5.10. There can be a use-after-free in the packet processing context, because the per-CPU sequence count is mishandled during concurrent iptables rules replacement. This could be exploited with the CAPNETADMIN capability in an...

PT-2025-25942 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A issue in the Linux kernel has been identified where the system may process IPC reply before firmware boot, potentially leading to a NULL pointer dereference. This could occur if a...

CVE-2023-28959 Junos OS: QFX10002: PFE wedges and restarts upon receipt of specific malformed packets

An Improper Check or Handling of Exceptional Conditions vulnerability in packet processing of Juniper Networks Junos OS on QFX10002 allows an unauthenticated, adjacent attacker on the local broadcast domain sending a malformed packet to the device, causing all PFEs other than the inbound PFE to...

PT-2023-8416 · Apple · Macos Monterey +5

Name of the Vulnerable Software and Affected Versions: macOS Big Sur versions prior to 11.7.5 macOS Ventura versions prior to 13.3 macOS Monterey versions prior to 12.6.4 iOS versions prior to 16.4 iOS versions prior to 15.7.4 iPadOS versions prior to 16.4 iPadOS versions prior to 15.7.4...

USN-5810-4 git vulnerabilities

USN-5810-1 fixed several vulnerabilities in Git. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Markus Vervier and Eric Sesterhenn discovered that Git incorrectly handled certain gitattributes. An attacker could possibly use this issue to cause a...

CVE-2022-44617

A flaw was found in libXpm. When processing a file with width of 0 and a very large height, some parser functions will be called repeatedly and can lead to an infinite loop, resulting in a Denial of Service in the application linked to the library...

Elrond-GO processing: fallback search of SCRs when not found in the main cache

Impact Processing issue, nodes are affected when trying to process a cross-shard relayed transaction with a smart contract deploy transaction data. The problem was a bad correlation between the transaction caches and the processing component. If the above-mentioned transaction was sent with more...

CVE-2022-46173

Elrond-GO is a go implementation for the Elrond Network protocol. Versions prior to 1.3.50 are subject to a processing issue where nodes are affected when trying to process a cross-shard relayed transaction with a smart contract deploy transaction data. The problem was a bad correlation between t...

Code injection

Elrond-GO is a go implementation for the Elrond Network protocol. Versions prior to 1.3.50 are subject to a processing issue where nodes are affected when trying to process a cross-shard relayed transaction with a smart contract deploy transaction data. The problem was a bad correlation between t...