1886 matches found
CVE-2019-14061
Null-pointer dereference can occur while accessing the segment element info when it is not allocated and assigned in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music,...
CVE-2020-5535
OpenBlocks IoT VX2 prior to Ver.4.0.0 Ver.3 Series allows an attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors...
Authentication flaw
OpenBlocks IoT VX2 prior to Ver.4.0.0 Ver.3 Series allows an attacker on the same network segment to bypass authentication and to initialize the device via unspecified vectors...
CVE-2020-5535
OpenBlocks IoT VX2 prior to Ver.4.0.0 Ver.3 Series allows an attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors...
kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver
A vulnerability was found in the Linux kernel's Marvell WiFi chip driver. Where, while parsing vendor-specific informational attributes, an attacker on the same WiFi physical network segment could cause a system crash, resulting in a denial of service, or potentially execute arbitrary code. This...
CVE-2020-5534
Aterm WG2600HS firmware Ver1.3.2 and earlier allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors...
Design/Logic Flaw
Aterm series Aterm WF1200C firmware Ver1.2.1 and earlier, Aterm WG1200CR firmware Ver1.2.1 and earlier, Aterm WG2600HS firmware Ver1.3.2 and earlier allows an attacker on the same network segment to execute arbitrary OS commands with root privileges via UPnP function...
Design/Logic Flaw
Aterm series Aterm WF1200C firmware Ver1.2.1 and earlier, Aterm WG1200CR firmware Ver1.2.1 and earlier, Aterm WG2600HS firmware Ver1.3.2 and earlier allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via management screen...
CVE-2020-5534
Aterm WG2600HS firmware Ver1.3.2 and earlier allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors...
CVE-2020-5525
Aterm series Aterm WF1200C firmware Ver1.2.1 and earlier, Aterm WG1200CR firmware Ver1.2.1 and earlier, Aterm WG2600HS firmware Ver1.3.2 and earlier allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via management screen...
CVE-2019-20474
An issue was discovered in Zoho ManageEngine Remote Access Plus 10.0.447. The service to test the mail-server configuration suffers from an authorization issue allowing a user with the Guest role read-only access to use and abuse it. One of the abuses allows performing network and port scan...
CVE-2019-14044
Out of bound access due to access of uninitialized memory segment in an array of pointers while normal camera open close in Snapdragon Consumer IOT, Snapdragon Mobile in QCS605, SDM439, SDM630, SDM636, SDM660, SDX24...
kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver
A vulnerability was found in the Linux kernel's Marvell WiFi chip driver. Where, while parsing vendor-specific informational attributes, an attacker on the same WiFi physical network segment could cause a system crash, resulting in a denial of service, or potentially execute arbitrary code. This...
[SECURITY] [DLA 2087-1] suricata security update
Package : suricata Version : 2.0.7-2+deb8u5 CVE ID : CVE-2019-18625 CVE-2019-18792 Two vulnerabilities have recently been discovered in the stream-tcp code of the intrusion detection and prevention tool Suricata. CVE-2019-18625 It was possible to bypass/evade any tcp based signature by faking a...
The vulnerability of the `__remove_dirty_segment` function in Linux operating system kernels, which allows a malicious actor to trigger a service failure
The vulnerability of the removedirtysegment function in Linux operating systems is related to writing data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a service failure by manipulating the mounted file system f2fs...
Vulnerability of functions f2fs_build_segment_manager and init_min_max_mtime in Linux kernel, allowing attackers to compromise the confidentiality, integrity, and accessibility of protected information
The vulnerability of the f2fsbuildsegmentmanager function in the Linux kernel’s fs/f2fs/segment.c file, as well as the initminmaxmtime function in the same file, relates to reading beyond the buffer boundaries. Exploiting this vulnerability could allow a remote attacker to compromise the...
CVE-2019-14003
Null pointer exception can happen while parsing invalid MKV clip where cue information is parsed before segment information in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice &...
The vulnerability of the kernel of operating systems such as Linux, Windows, Ubuntu, Debian GNU/Linux, Red Hat Enterprise Linux, macOS, and EulerOS allows attackers to increase their privileges.
The vulnerability of the kernels of Linux, Windows, Ubuntu, Debian GNU/Linux, Red Hat Enterprise Linux, macOS, and EulerOS is related to errors in interpreting instructions that describe behavior related to MOV SS/POP SS. Exploiting this vulnerability can allow attackers to gain increased...
tree-kill code injection vulnerability (CNVD-2019-46973)
tree-kill is a package for killing processes in the process tree. A code injection vulnerability exists in tree-kill Windows. The vulnerability arises from a network system or product that does not properly filter specific elements of externally input data during the construction of a code segmen...
UBUNTU-CVE-2019-19814
In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause removedirtysegment slab-out-of-bounds write access because an array is bounded by the number of dirty types 8 but the array index can exceed this...