atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).

...

GSD-2023-1000572 md/raid0, raid10: Don't set discard sectors for request queue

md/raid0, raid10: Don't set discard sectors for request queue This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...

PT-2023-34438 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.163 Description: A potential issue exists in the Linux Kernel, where the sk error queue is not properly purged in the sk stream kill queues function. The actual impact and attack plausibility have not yet...

CVE-2022-46955

Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/ajax.php?action=savequeue...

CVE-2023-22391

A vulnerability in class-of-service CoS queue management in Juniper Networks Junos OS on the ACX2K Series devices allows an unauthenticated network-based attacker to cause a Denial of Service DoS. Specific packets are being incorrectly routed to a queue used for other high-priority traffic such a...

CVE-2023-22391

A vulnerability in class-of-service CoS queue management in Juniper Networks Junos OS on the ACX2K Series devices allows an unauthenticated network-based attacker to cause a Denial of Service DoS. Specific packets are being incorrectly routed to a queue used for other high-priority traffic such a...

Design/Logic Flaw

A vulnerability in class-of-service CoS queue management in Juniper Networks Junos OS on the ACX2K Series devices allows an unauthenticated network-based attacker to cause a Denial of Service DoS. Specific packets are being incorrectly routed to a queue used for other high-priority traffic such a...

PT-2023-15116 · Unknown · Dynamic Transaction Queuing System

Name of the Vulnerable Software and Affected Versions: Dynamic Transaction Queuing System version 1.0 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the id parameter at the "/admin/ajax.php?action=save queue" API endpoint...

Dynamic Transaction Queuing System SQL注入漏洞

Dynamic Transaction Queuing System is a dynamic transaction queuing system using PHP/MySQL by Carlo Montero, a personal developer. A security vulnerability exists in Dynamic Transaction Queuing System v1.0, which stems from the id parameter of its /admin/ajax.php?action=savequeue component that...

Exploit for Out-of-bounds Write in Linux Linux_Kernel

This is a PoC exploit for CVE-2022-0995, a heap out-of-bounds write in the watchqueue Linux kernel component. The exploit targets Ubuntu 21.10 with kernel 5.13.0-37. It uses the same technique described in a Google Security Research writeup for CVE-2021-22555. The exploit is not 100% reliable and...

CVE-2023-22391 Junos OS: ACX2K Series: Receipt of a high rate of specific traffic will lead to a Denial of Service (DoS)

A vulnerability in class-of-service CoS queue management in Juniper Networks Junos OS on the ACX2K Series devices allows an unauthenticated network-based attacker to cause a Denial of Service DoS. Specific packets are being incorrectly routed to a queue used for other high-priority traffic such a...

CVE-2023-22391

CVE-2023-22391 affects Juniper Networks Junos OS on ACX2K Series. The issue is a class-of-service (CoS) queue management flaw that misroutes specific high-priority traffic (BGP, PIM, ICMP/ICMPv6 ND, ISAKMP) into a queue, enabling an unauthenticated network-based attacker to cause a DoS by sustain...

PT-2023-3071 · Juniper Networks · Junos

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS on ACX2K Series versions prior to 19.4R3-S9 Juniper Networks Junos OS on ACX2K Series versions 20.2 Juniper Networks Junos OS on ACX2K Series versions 20.3 through 20.3R3-S6 Juniper Networks Junos OS on ACX2K Series...

This Week in Spring - January 9th, 2023

Hi, Spring fans! As I write this Im on a plane winging my way to Helsinki, Finland. A new year and new journeys begin. Its going to be cold there. Wish me luck! Do you know what always warms me up? The thrill of learning. And this weeks no different. This week weve got some good stuff line up so...

PT-2024-11813 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability has been resolved in the Linux kernel, specifically in the net/mlx5e module, related to IPoIB and Block PKEY interfaces with less rx queues than the parent. The issue...

CVE-2022-3928

Hardcoded credential is found in affected products' message queue. An attacker that manages to exploit this vulnerability will be able to access data to the internal message queue. This issue affects FOXMAN-UN product: FOXMAN-UN R15B, FOXMAN-UN R15A, FOXMAN-UN R14B, FOXMAN-UN R14A, FOXMAN-UN R11B...

Hardcoded credentials

Hardcoded credential is found in affected products' message queue. An attacker that manages to exploit this vulnerability will be able to access data to the internal message queue. This issue affects FOXMAN-UN product: FOXMAN-UN R15B, FOXMAN-UN R15A, FOXMAN-UN R14B, FOXMAN-UN R14A, FOXMAN-UN R11B...

CVE-2022-3928

CVE-2022-3928 describes a hardcoded credential in the message queue of Hitachi Energy FOXMAN-UN and UNEM products (R9C–R15B). The vulnerability allows an attacker who can exploit it to access data in the internal message queue. Connected advisories and records confirm the affected families (FOXMA...

CVE-2022-3928 Hardcoded credential is found in the message queue

Hardcoded credential is found in affected products' message queue. An attacker that manages to exploit this vulnerability will be able to access data to the internal message queue. This issue affects FOXMAN-UN product: FOXMAN-UN R15B, FOXMAN-UN R15A, FOXMAN-UN R14B, FOXMAN-UN R14A, FOXMAN-UN R11B...

CVE-2022-3928 Hardcoded credential is found in the message queue

Hardcoded credential is found in affected products' message queue. An attacker that manages to exploit this vulnerability will be able to access data to the internal message queue. This issue affects FOXMAN-UN product: FOXMAN-UN R15B, FOXMAN-UN R15A, FOXMAN-UN R14B, FOXMAN-UN R14A, FOXMAN-UN R11B...