7894 matches found
PT-2024-20405 · Athonet · Athonet Vepc Mme
Name of the Vulnerable Software and Affected Versions: Athonet vEPC MME version 11.4.0 Description: The issue is related to an invalid memory access when handling the ProtocolIE ID field of E-RAB Setup List Context SURes messages. This allows attackers to cause a Denial of Service DoS to the...
CVE-2024-24450
Stack-based memcpy buffer overflow in the ngaphandlepdusessionresourcesetupresponse routine in OpenAirInterface CN5G AMF = 2.0.0 allows a remote attacker with access to the N2 interface to carry out denial of service against the AMF and potentially execute code by sending a PDU Session Resource...
CVE-2024-24447
A buffer overflow in the ngapamfhandlepdusessionresourcesetupresponse function of oai-cn5g-amf up to v2.0.0 allows attackers to cause a Denial of Service DoS via a PDU Session Resource Setup Response with an empty Response Item list...
PT-2024-20397 · Unknown · Oai-Cn5G-Amf
Name of the Vulnerable Software and Affected Versions: oai-cn5g-amf versions up to v2.0.0 Description: A buffer overflow in the ngap amf handle pdu session resource setup response function allows attackers to cause a Denial of Service DoS via a PDU Session Resource Setup Response with an empty...
CVE-2024-37285
A deserialization issue in Kibana can lead to arbitrary code execution when Kibana attempts to parse a YAML document containing a crafted payload. A successful attack requires a malicious user to have a combination of both specific Elasticsearch indices privileges...
kernel: bonding: stop the device in bond_setup_by_slave()
In the Linux kernel, the following vulnerability has been resolved: bonding: stop the device in bondsetupbyslave Commit 9eed321cde22 "net: lapbether: only support ethernet devices" has been able to keep syzbot away from net/lapb, until today. In the following splat 1, the issue is that a lapbethe...
kernel: ext4: fix memory leaks in ext4_fname_{setup_filename,prepare_lookup}
A memory leak flaw was found in the Linux kernel's ext4 filesystem in the filename casefolding error paths. A local user can trigger this issue by performing directory operations on ext4 filesystems with casefolding enabled when filename setup or lookup operations fail, causing the cryptobuf.name...
SUSE CVE-2024-50215
In the Linux kernel, the following vulnerability has been resolved: nvmet-auth: assign dhkey to NULL after kfreesensitive ctrl-dhkey might be used across multiple calls to nvmetsetupdhgroup for the same controller. So it's better to nullify it after release on error path in order to avoid double...
UBUNTU-CVE-2024-50215
In the Linux kernel, the following vulnerability has been resolved: nvmet-auth: assign dhkey to NULL after kfreesensitive ctrl-dhkey might be used across multiple calls to nvmetsetupdhgroup for the same controller. So it's better to nullify it after release on error path in order to avoid double...
Bluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync
...
CVE-2024-47693
...
UBUNTU-CVE-2024-50208
In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxtre: Fix a bug while setting up Level-2 PBL pages Avoid memory corruption while setting up Level-2 PBL pages for the non MR resources when numpages 256K. There will be a single PDE page address contiguous pages in the cas...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the presence of a Level-2 PBL page setup error problem...
wac 安全漏洞
wac WebAssembly in C is a minimal WebAssembly interpreter written in C by the individual developer Joel Martin. A security vulnerability exists in wac version 385e1, which stems from a heap overflow in the setupcall function and could lead to an attacker causing a denial of service via a speciall...
PT-2024-26486 · Wac · Wac
Name of the Vulnerable Software and Affected Versions: wac version 385e1 Description: A heap overflow issue was discovered in the setup call function at /wac-asan/wa.c, allowing attackers to cause a Denial of Service DoS via a crafted wasm file. The issue is related to the setup call function...
EulerOS 2.0 SP10 : uboot-tools (EulerOS-SA-2024-2896)
According to the versions of the uboot-tools packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : There exists an unchecked length field in UBoot.The U-Boot DFU implementation does not bound the length field in USB DFU download setup...
CVE-2019-20461
An issue was discovered on Alecto IVM-100 2019-11-12 devices. The device uses a custom UDP protocol to start and control video and audio services. The protocol has been partially reverse engineered. Based upon the reverse engineering, no password or username is ever transferred over this protocol...
CVE-2024-48950
An issue was discovered in Logpoint before 7.5.0. An endpoint used by Distributed Logpoint Setup was exposed, allowing unauthenticated attackers to bypass CSRF protections and authentication...
CVE-2024-10027
The WP Booking Calendar WordPress plugin before 10.6.3 does not sanitise and escape some of its Widgets settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setu...
Logpoint 安全漏洞
Logpoint is a network security application from the Danish company Logpoint. A security vulnerability exists in Logpoint versions prior to 7.5.0 that stems from an exposed endpoint used by a distributed Logpoint setup, allowing an unauthenticated attacker to bypass CSRF protection and...