Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from a post-release reuse issue contained in the DSP Service component...

PT-2025-11097 · Cisco · Cisco Ios Xr

Name of the Vulnerable Software and Affected Versions: Cisco IOS XR Software version 7.9.2 Description: A vulnerability in the handling of specific packets that are punted from a line card to a route processor could allow an unauthenticated, adjacent attacker to cause control plane traffic to sto...

ROS-20240902-08

A vulnerability in the bus lockout regulator mechanism for some Intel processor models is associated with a a security mechanism failure. Exploitation of the vulnerability could allow an attacker to cause a denial of service A firmware vulnerability in Intel Xeon D processors involves an incorrec...

ROS-20240902-03

Intel processor firmware vulnerability is related to errors in interpretation of redundant prefixes. of redundant prefixes. Exploitation of the vulnerability could allow an attacker to escalate privileges from third to zero ring of protection CPL0, gain access to sensitive information, or cause a...

PT-2024-25083 · Qualcomm · Snapdragon +44

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue involves memory corruption that occurs when untrusted or corrupted pointers are passed from DSP to EVA. This can potentially lead to security...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from an out-of-bounds read issue contained in the Multi Mode Call Processor...

Ruby On Rails XML Processor YAML Deserialization Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ruby on Rails XML Processor YAML Deserialization Scanner', 'Description' = %q This module attempts to identify Ruby on Rails instances vulnerable...

Ruby On Rails JSON Processor YAML Deserialization Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ruby on Rails JSON Processor YAML Deserialization Scanner', 'Description' = %q This module attempts to identify Ruby on Rails instances vulnerabl...

Ruby on Rails JSON Processor Floating Point Heap Overflow Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ruby on Rails JSON Processor Floating Point Heap Overflow DoS', 'Description' = %q When Ruby attempts to convert a string representation of a lar...

hw: amd: SMM Lock Bypass

A flaw was found in hw. Improper validation in a model-specific register MSR could allow a malicious program with ring0 access to modify the SMM configuration while the SMI lock is enabled. This issue can lead to arbitrary code execution...

PT-2024-34011

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue concerns the use of smp processor id in preemptible code, which can lead to errors when the driver is enabled. The problem arises from the loongson3 cpufreq probe function...

The vulnerability of the AcroForms processor in the PDF viewer software from Foxit Reader (formerly Foxit Reader) allows a perpetrator to execute arbitrary code.

The vulnerability of the AcroForms processor in the PDF electronic document viewing software Foxit PDF Reader formerly Foxit Reader relates to the possibility of using memory after it is freed. Exploiting this vulnerability allows a malicious actor to execute arbitrary code, provided that the use...

bind9: bind: SIG(0) can be used to exhaust CPU resources

A flaw was found in the bind9 package, where if a DNS server hosts a zone containing a "KEY" resource record or a DNS resolver utilizes the DNSSEC validate feature to validate a "KEY" resource record, a malicious client could exhaust the CPU resourced from the resolver by sending a stream of SIG0...

Intel Xeon Processor August 2024 Security Update

Intel has informed HP of ⁠potential security vulnerabilities in some Intel® Xeon® Processors, which might allow escalation of privilege or denial of service. Intel is releasing firmware updates to mitigate these potential vulnerabilities. Intel has released updates to mitigate the potential...

Malicious code in redis-di-processor (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d6942290379335757f0deff6d17e2490cd1b47f426b3f1fb533766ab804aa6cb The package is designed to exfiltrate basic data, like hostname and OS details, as well as collect information about the stacktrace it's imported from. ---...

MAL-2024-10152 Malicious code in redis-di-processor (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d6942290379335757f0deff6d17e2490cd1b47f426b3f1fb533766ab804aa6cb The package is designed to exfiltrate basic data, like hostname and OS details, as well as collect information about the stacktrace it's imported from. ---...

USN-6950-4 linux-hwe-5.15 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - Block layer subsystem; - Bluetooth drivers; - Clock framework and...

UBUNTU-CVE-2022-48888

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Fix memory leak in msmmdssparsedatabusiccpath oficcget alloc resources for path1, we should release it when not need anymore. Early return when ISERRORNULLpath0 may leak path1. Defer getting path1 to fix this...

UBUNTU-CVE-2024-43874

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix null pointer dereference in sevsnpshutdownlocked Fix a null pointer dereference induced by DEBUGTESTDRIVERREMOVE. Return from sevsnpshutdownlocked if the pspdevice or the sevdevice structs are not initialized...

PT-2024-32110

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to the Linux kernel, specifically with the pktgen module. It involves the use of cpus read lock in pg net init and the firing of WARN ONsmp processor id != cpu in...