114 matches found
SUSE CVE-2024-38564
In the Linux kernel, the following vulnerability has been resolved: bpf: Add BPFPROGTYPECGROUPSKB attach type enforcement in BPFLINKCREATE bpfprogattach uses attachtypetoprogtype to enforce proper attach type for BPFPROGTYPECGROUPSKB. linkcreate uses bpfprogget and relies on...
CVE-2024-38564
In the Linux kernel, the following vulnerability has been resolved: bpf: Add BPFPROGTYPECGROUPSKB attach type enforcement in BPFLINKCREATE bpfprogattach uses attachtypetoprogtype to enforce proper attach type for BPFPROGTYPECGROUPSKB. linkcreate uses bpfprogget and relies on...
CVE-2023-51621
D-Link DIR-X3260 prog.cgi SetDeviceSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this...
CVE-2023-41216
D-Link DIR-3040 prog.cgi SetDynamicDNSSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this...
CVE-2023-41222
D-Link DIR-3040 prog.cgi SetWan2Settings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this vulnerability...
D-Link DIR-X3260 安全漏洞
D-Link DIR-X3260 is a Wi-Fi 6 router from China-based AUO D-Link. A security vulnerability exists in the D-Link DIR-X3260 that stems from a prog.cgi SetTriggerPPPoEValidate stack-based buffer overflow remote code execution vulnerability...
D-Link DIR-X3260 安全漏洞
D-Link DIR-X3260 is a Wi-Fi 6 router from China's AUO D-Link. A security vulnerability exists in the D-Link DIR-X3260 that stems from an incorrect authentication bypass vulnerability implemented by the prog.cgi authentication algorithm...
PT-2024-3191 · D Link · D-Link Dir-822
Name of the Vulnerable Software and Affected Versions: D-Link DIR-822+ version 1.0.5 Description: The issue is related to a command injection in the SetPlcNetworkpwd function of the prog.cgi script, which allows remote attackers to execute arbitrary commands via shell. This is due to the lack of...
D-Link DIR-X3260 Buffer Overflow Vulnerability
The D-Link DIR-X3260 is a mainstream router from D-Link that supports Wi-Fi 6. The D-Link DIR-X3260 suffers from a buffer overflow vulnerability that stems from a heap-based buffer overflow remote code execution vulnerability in Prog.cgi. An attacker can exploit this vulnerability to execute...
The vulnerability of the prog.cgi component in D-Link DIR-X3260 Wi-Fi routers allows a hacker to execute arbitrary code.
The vulnerability of the prog.cgi component in D-Link DIR-X3260 Wi-Fi routers involves reading data outside the buffer in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
PT-2023-5896 · D Link · D-Link Dir-X3260
Name of the Vulnerable Software and Affected Versions: D-Link DIR-X3260 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Although authentication is required to exploit this...
PT-2023-8460 · D Link · D-Link Dir-X3260
Name of the Vulnerable Software and Affected Versions: D-Link DIR-X3260 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. The specific flaw exists within the prog.cgi binary,...
kernel: bpf, x86: fix freeing of not-finalized bpf_prog_pack
In the Linux kernel, the following vulnerability has been resolved: bpf, x86: fix freeing of not-finalized bpfprogpack syzbot reported a few issues with bpfprogpack 1, 2. This only happens with multiple subprogs. In jitsubprogs, we first call bpfintjitcompile on each sub program. And then, we cal...
PT-2025-26094
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, related to the freeing of not-finalized bpf prog pack. The issue occurs when there are multiple subprogs and jit subprogs is called...
RXSA-2023:1566 Important: kernel security, bug fix, and enhancement update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: stack overflow in doprocdointvec and procskipspaces CVE-2022-4378 ALSA: pcm: Move rwsem lock inside sndctlelemread to prevent UAF CVE-2023-0266 kernel: FUSE filesystem low-privileged user...
PT-2022-36316 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.156 Description: The issue is related to an alignment problem in the bpf prog test run skb function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...
CVE-2022-23173
this vulnerability affect user that even not allowed to access via the web interface. First of all, the attacker needs to access the "Login menu - demo site" then he can see in this menu all the functionality of the application. If the attacker will try to click on one of the links, he will get a...
CVE-2022-23173
this vulnerability affect user that even not allowed to access via the web interface. First of all, the attacker needs to access the "Login menu - demo site" then he can see in this menu all the functionality of the application. If the attacker will try to click on one of the links, he will get a...
CVE-2022-28041
stbimage.h v2.27 was discovered to contain an integer overflow via the function stbijpegdecodeblockprogdc. This vulnerability allows attackers to cause a Denial of Service DoS via unspecified vectors...
Rockwell Automation Micrologix Improper Access Control (CVE-2017-14466)
An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information,...