37 matches found
Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005562 fixes several issues. The following security issues were fixed: CVE-2021-47517: Fix panic when interrupt coaleceing is set via ethtool bsc1225429. CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. CVE-2024-43861: Fix memor...
gcc-toolset-14-dwz bug fix and enhancement update
An update is available for gcc-toolset-14-dwz. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The dwz package contains a program that attempts to optimize DWARF...
Security update for the Linux Kernel RT (Live Patch 16 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505001358 fixes several issues. The following security issues were fixed: CVE-2021-47598: schcake: do not call cakedestroy from cakeinit bsc1227471. CVE-2023-52752: smb: client: fix use-after-free bug in cifsdebugdataprocshow bsc1225819. CVE-2024-36899:...
Medium: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: Input: synaptics-rmi4 - fix use after free in rmiunregisterfunction CVE-2023-52840 In the Linux kernel, the following vulnerability has been resolved: llc: verify mac len before reading mac header CVE-2023-52843 I...
SUSE CVE-2023-52846
In the Linux kernel, the following vulnerability has been resolved: hsr: Prevent use after free in prpcreatetaggedframe The prpfillrct function can fail. In that situation, it frees the skb and returns NULL. Meanwhile on the success path, it returns the original skb. So it's straight forward to f...
DEBIAN-CVE-2023-52846
In the Linux kernel, the following vulnerability has been resolved: hsr: Prevent use after free in prpcreatetaggedframe The prpfillrct function can fail. In that situation, it frees the skb and returns NULL. Meanwhile on the success path, it returns the original skb. So it's straight forward to f...
UBUNTU-CVE-2023-52846
In the Linux kernel, the following vulnerability has been resolved: hsr: Prevent use after free in prpcreatetaggedframe The prpfillrct function can fail. In that situation, it frees the skb and returns NULL. Meanwhile on the success path, it returns the original skb. So it's straight forward to f...
Siemens SCALANCE X-200RNA Switch Devices Information Disclosure Vulnerability
The SCALANCE X-204RNA Industrial Ethernet Access Point enables non-PRP endpoint devices to connect to a separate parallel network as needed.An information disclosure vulnerability exists in Siemens SCALANCE X-200RNA Switch Devices, which could be exploited by an attacker to gain access to sensiti...
Siemens SCALANCE X-200RNA Switch Devices Cross-Site Scripting Vulnerability
The SCALANCE X-204RNA Industrial Ethernet Access Point enables non-PRP endpoint devices to connect to a separate parallel network as needed.A cross-site scripting vulnerability exists in Siemens SCALANCE X-200RNA Switch Devices, which can be exploited by attackers to trigger malicious requests on...
CVE-2022-46350
The CVE-2022-46350 entry concerns Siemens SCALANCE X‑200RNA family web interfaces vulnerable to Cross‑Site Scripting (XSS) due to improper neutralization of script-related HTML tags in the integrated web server. Affected products and versions include SCALANCE X204RNA (HSR/PRP) and X204RNA EEC (HS...
PT-2020-2001 · Siemens · Siplus Net Scalance X308-2 +17
Name of the Vulnerable Software and Affected Versions: SCALANCE X204RNA HSR SCALANCE X204RNA PRP SCALANCE X204RNA EEC HSR SCALANCE X204RNA EEC PRP SCALANCE X204RNA EEC PRP/HSR SCALANCE X302-7 EEC 230V SCALANCE X302-7 EEC 230V, coated SCALANCE X302-7 EEC 24V SCALANCE X302-7 EEC 24V, coated SCALANC...
prpinspections.com XSS vulnerability
Open Bug Bounty ID: OBB-553999 Description| Value ---|--- Affected Website:| prpinspections.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Debian DSA-1673-1 : wireshark - several vulnerabilities
Several remote vulnerabilities have been discovered in network traffic analyzer Wireshark. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-3137 The GSM SMS dissector is vulnerable to denial of service. - CVE-2008-3138 The PANA and KISMET dissectors...
[SECURITY] [DSA 1673-1] New wireshark packages fix several vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA-1673-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff November 29, 2008 http://www.debian.org/security/faq -...
DSA-1673-1 wireshark - several vulnerabilities
Bulletin has no description...
CVE-2008-4684
packet-frame in Wireshark 0.99.2 through 1.0.3 does not properly handle exceptions thrown by post dissectors, which allows remote attackers to cause a denial of service application crash via a certain series of packets, as demonstrated by enabling the 1 PRP or 2 MATE post dissector...
CVE-2008-4684
CVE-2008-4684 affects Wireshark 0.99.2–1.0.3 where the packet-frame handler does not correctly cope with exceptions raised by post dissectors, allowing remote attackers to crash the application via a crafted packet sequence and enabling the (1) PRP or (2) MATE post dissectors. The connected docum...