248 matches found
CVE-2022-30256
An issue was discovered in MaraDNS Deadwood through 3.5.0021 that allows variant V1 of unintended domain name resolution. A revoked domain name can still be resolvable for a long time, including expired domains and taken-down malicious domains. The effects of an exploit would be widespread and...
CVE-2022-30256
An issue was discovered in MaraDNS Deadwood through 3.5.0021 that allows variant V1 of unintended domain name resolution. A revoked domain name can still be resolvable for a long time, including expired domains and taken-down malicious domains. The effects of an exploit would be widespread and...
Design/Logic Flaw
An issue was discovered in MaraDNS Deadwood through 3.5.0021 that allows variant V1 of unintended domain name resolution. A revoked domain name can still be resolvable for a long time, including expired domains and taken-down malicious domains. The effects of an exploit would be widespread and...
CVE-2022-30256
An issue was discovered in MaraDNS Deadwood through 3.5.0021 that allows variant V1 of unintended domain name resolution. A revoked domain name can still be resolvable for a long time, including expired domains and taken-down malicious domains. The effects of an exploit would be widespread and...
Information disclosure
An information leakage vulnerability in the Bluetooth Low Energy advertisement scan response in Bluetooth Core Specifications 4.0 through 5.2, and extended scan response in Bluetooth Core Specifications 5.0 through 5.2, may be used to identify devices using Resolvable Private Addressing RPA by...
Bluetooth Core Specification 安全漏洞
The Bluetooth Core Specification is a specification. Defines the technical building blocks used by developers to create the interoperable devices that make up the thriving Bluetooth ecosystem. Overseen by the Bluetooth Special Interest Group SIG and regularly updated and enhanced by the Bluetooth...
CVE-2020-35473
CVE-2020-35473 describes an information‑leakage vulnerability in Bluetooth Low Energy advertising scan responses (including extended scan responses) that can identify devices using Resolvable Private Addressing (RPA). Affected are Bluetooth Core Specifications 4.0–5.2 and extended scan responses ...
PT-2022-8926 · Bluetooth Special Interest · Bluetooth Core Specification
Name of the Vulnerable Software and Affected Versions: Bluetooth Core Specifications versions 4.0 through 5.2 Description: An information leakage issue in the Bluetooth Low Energy advertisement scan response and extended scan response may be used to identify devices using Resolvable Private...
CVE-2020-35473
An information leakage vulnerability in the Bluetooth Low Energy advertisement scan response in Bluetooth Core Specifications 4.0 through 5.2, and extended scan response in Bluetooth Core Specifications 5.0 through 5.2, may be used to identify devices using Resolvable Private Addressing RPA by...
SUSE-SU-2022:2960-1 Security update for ucode-intel
This update for ucode-intel fixes the following issues: Updated to Intel CPU Microcode 20220809 release bsc1201727: - CVE-2022-21233: Fixed an issue where stale data may have been leaked from the legacy xAPIC MMIO region, which could be used to compromise an SGX enclave INTEL-SA-00657. See also:...
The vulnerability of implementations of data transmission specifications in industrial networks, related to uncontrolled resource consumption, allows attackers to cause service failures.
The vulnerability of implementations of data transmission specifications in industrial networks is related to uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
Fedora: Security Advisory for golang-github-deepmap-oapi-codegen (FEDORA-2022-ea8f4e232d)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 36 Update: golang-github-deepmap-oapi-codegen-1.8.2-4.fc36
Generate Go client and server boilerplate from OpenAPI 3 specifications...
Swagger UI 3.14.0 < 3.38.0 Cross-Site Scripting
Swagger UI is a popular library used to beautify API specifications and render it to the users. Swagger UI versions 3.14.1 to 3.37.2 suffer from a DOM Cross-Site Scripting XSS vulnerability due to an outdated DomPurify embedded library and a feature available in the Swagger UI library itself whic...
[SECURITY] Fedora 35 Update: golang-github-deepmap-oapi-codegen-1.8.2-3.fc35
Generate Go client and server boilerplate from OpenAPI 3 specifications...
GHSA-7GCP-2GMQ-W3XH RubyGems Code Injection vulnerability
RubyGems prior to 2.6.13 is vulnerable to maliciously crafted gem specifications that include terminal escape characters. Printing the gem specification would execute terminal escape sequences...
RubyGems Code Injection vulnerability
RubyGems prior to 2.6.13 is vulnerable to maliciously crafted gem specifications that include terminal escape characters. Printing the gem specification would execute terminal escape sequences...
CVE-2021-40855
The EU Technical Specifications for Digital COVID Certificates before 1.1 mishandle certificate governance. A non-production public key certificate could have been used in production...
CVE-2021-40855
CVE-2021-40855 concerns the EU Technical Specifications for Digital COVID Certificates before version 1.1, where certificate governance is mishandled. The vulnerability arises from allowing a non-production public key certificate to be used in production, potentially impacting the trust chain and...
Digital COVID Certificates 信任管理问题漏洞
Digital COVID Certificates is a digital COVID certificate for the European Union, designed to help facilitate the free movement and travel of EU citizens and non-EU nationals within the EU. A security vulnerability exists in Digital COVID Certificates that stems from the product allowing the use ...