Security Bulletin: IBM Technical Suppport Appliance - possible security flaws or denial of service

Summary Numerous fixes to the Linux kernel for reported issues related to various security vulnerabilities such as demnial of service, unauthorized access, or leakage of sensitive data. Vulnerability Details CVEID:CVE-2019-25162 DESCRIPTION: Linux Kernel s vulnerable to a denial of service, cause...

Juniper Junos OS Vulnerability (JSA96457)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA96457 advisory. - A Missing Release of Memory after Effective Lifetime vulnerability in the packet forwarding engine PFE of Juniper Networks Junos OS on MX Series allows an unauthenticated...

CVE-2024-47493 Junos OS: MX Series: Trio-based FPCs: Continuous physical Interface flaps causes local FPC to crash

A Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding Engine PFE of the Juniper Networks Junos OS on the MX Series platforms with Trio-based FPCs allows an unauthenticated, adjacent attacker to cause a Denial of Service DoS. In case of channelized Modular...

Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates

Summary IBM App Connect Enterprise Certified Container ACEcc is built on the Red Hat Universal Base Images. ACEcc operator versions 5.0.21 LTS, 12.0.4 LTS and 12.4.0 contain fixes to the listed CVEs found in the base images. This bulletin provides patch information to address the reported...

Exploit for Missing Release of Memory after Effective Lifetime in Realtek Rtsper

CVE-2024-40431+CVE-2022-25479 chain for EOPDATA ONLY ATTACK...

CVE-2023-33049 Improper Release of Memory Before Removing Last Reference in Multi-Mode Call Processor

Transient DOS in Multi-Mode Call Processor due to UE failure because of heap leakage...

Johnson Controls Kantech Gen1 ioSmart

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION : Exploitable from adjacent network Vendor : Sensormatic Electronics, LLC, an affiliate of Johnson Controls Inc. Equipment : Kantech Gen1 ioSmart card reader Vulnerability : Missing Release of Memory after Effective Lifetime 2. RISK EVALUATION...

Design/Logic Flaw

A Missing Release of Memory after Effective Lifetime vulnerability in the Flow Processing Daemon flowd of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause a Denial of Service DoS. In an IPsec VPN environment, a memory leak will be seen if a DH or ECDH group is...

Juniper Junos OS Vulnerability (JSA70213)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA70213 advisory. - A Missing Release of Memory after Effective Lifetime vulnerability in the Flow Processing Daemon flowd of Juniper Networks Junos OS allows a network-based, unauthenticated...

Design/Logic Flaw

Missing release of memory after effective lifetime in firmware for IntelR SPS before versions SPSE306.00.03.035.0 may allow a privileged user to potentially enable denial of service via local access...

CVE-2022-22204

An Improper Release of Memory Before Removing Last Reference vulnerability in the Session Initiation Protocol SIP Application Layer Gateway ALG of Juniper Networks Junos OS allows unauthenticated network-based attacker to cause a partial Denial of Service DoS. On all MX and SRX platforms, if the...

Missing release of memory in sized-chunks

An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation, clone can have a memory-safety issue upon a panic...