K000150336: Wireshark/tshark vulnerabilities CVE-2019-9214, CVE-2019-9208, CVE-2019-13619, CVE-2019-10903, and CVE-2019-10901

Security Advisory Description CVE-2019-9214 In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the RPCAP dissector could crash. This was addressed in epan/dissectors/packet-rpcap.c by avoiding an attempted dereference of a NULL conversation. CVE-2019-9208 In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to...

CVE-2025-2153

A vulnerability, which was classified as critical, was found in HDF5 1.14.6. Affected is the function H5SMdelete of the file H5SM.c of the component h5 File Handler. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The complexity of an attack is...

BELL-CVE-2025-21833

Bulletin has no description...

CVE-2024-57995

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix read pointer after free in ath12kmacassignviftovdev In ath12kmacassignviftovdev, if arvif is created on a different radio, it gets deleted from that radio through a call to ath12kmacunassignlinkvif. This action...

CVE-2025-21770

In the Linux kernel, the following vulnerability has been resolved: iommu: Fix potential memory leak in iopfqueueremovedevice The iopfqueueremovedevice helper removes a device from the per-iommu iopf queue when PRI is disabled on the device. It responds to all outstanding iopf's with an...

CVE-2022-49051

In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: Fix out-of-bounds accesses in RX fixup aqc111rxfixup contains several out-of-bounds accesses that can be triggered by a malicious or defective USB device, in particular: - The metadata array...

CVE-2024-52895

IBM i 7.4 and 7.5 is vulnerable to a database access denial of service caused by a bypass of a database capabilities restriction check. A privileged bad actor can remove or otherwise impact database infrastructure files resulting in incorrect behavior of software products that rely upon the...

CVE-2020-14582

Vulnerability in the Oracle iStore product of Oracle E-Business Suite component: User Registration. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iStore...

CVE-2025-21559

...

CVE-2024-54339

CVE-2024-54339 affects the GeoFlickr plugin for WordPress. The vulnerability is a Reflected XSS due to improper input neutralization during web page generation. Affected versions are GeoFlickr up to 1.3 (inclusive); exploitation could occur via crafted input reflected in the page. The issue is pu...

BELL-CVE-2024-50176

Bulletin has no description...

BELL-CVE-2024-42260

Bulletin has no description...

BELL-CVE-2023-52566

Bulletin has no description...

BELL-CVE-2020-35492 CVE-2020-35492 does not affect BellSoft software

Bulletin has no description...

BELL-CVE-2021-33657 CVE-2021-33657 does not affect BellSoft software

Bulletin has no description...

PT-2023-12868 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: No information is available about the vulnerable software and its affected versions. Description: The provided information does not contain details about the issue, such as its nature or potential impact. There is no mention of estimated...

SA44328 - 2019-12: Out-of-Cycle Advisory: Vulnerability could allow attackers to sniff or hijack VPN Connections (CVE-2019-14899)

Edit: 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. This advisory provides information about recently discovered vulnerability CVE-2019-14899. The flaw could be exploited by an attacker who shares the same network segment with the target...

PT-2023-15574 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The descriptions mention an issue but do not provide specific details about it, such as its nature, potential impact, or affected systems. They appear t...

PT-2023-12590 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: No vulnerable software or affected versions specified. Description: The provided information does not contain details about a specific vulnerability. It appears to be a notification about a rejected CVE candidate number, with no relevant data...

CVE-2022-2154

...