CVE-2021-35094

CVE-2021-35094 involves Qualcomm components (e.g., QCA family, AQT1000) with an improper validation of timeout-based authentication in identity credentials, which can lead to invalid authorization in HLOS. The issue affects multiple Qualcomm/Qualcomm-supplied platforms including Snapdragon Auto, ...

PT-2025-26092

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel's Bluetooth functionality has been identified. When the HCI work queue is drained, only queue chained work is allowed, but another delayed work can...

This Week in Spring - May 31st, 2022

Hi, Spring fans! And welcome to another installment of This Week in Spring! Ive just returned from three wonderful weeks overseas and now, Im pleased as punch to convey, that Im home! And hopefully, COVID-19 free! Who knows what sort of nonsense I caught on the flight home, anyway. Some things, I...

CVE-2021-28714

Guest can force Linux netback driver to hog large amounts of kernel memory This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Incoming data packets for a guest in the Linux kernel's netback driver are buffered until the...

openshift-origin-node Improper Input Validation vulnerability

Ruby gem openshift-origin-node before 2014-02-14 does not contain a cronjob timeout which could result in a denial of service in cron.daily and cron.weekly...

GHSA-756M-3QF2-HP58 openshift-origin-node Improper Input Validation vulnerability

Ruby gem openshift-origin-node before 2014-02-14 does not contain a cronjob timeout which could result in a denial of service in cron.daily and cron.weekly...

BirDuster - A Multi Threaded Python Script Designed To Brute Force Directories And Files Names On Webservers

BirDuster is a Python based knockoff of the original DirBuster. BirDuster is a multi threaded Python application designed to brute force directories and files names on web/application servers. Often is the case now of what looks like a web server in a state of default installation is actually not...

CVE-2022-26782

Multiple improper input validation vulnerabilities exists in the libnvram.so nvramimport functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted file can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability.An improper input...

CVE-2022-26781

Multiple improper input validation vulnerabilities exists in the libnvram.so nvramimport functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted file can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability.An improper input...

PT-2022-18083 · Unknown · Inrouter302

Name of the Vulnerable Software and Affected Versions: InRouter302 version 3.5.4 Description: The issue is related to improper input validation vulnerabilities in the libnvram.so nvram import functionality and the httpd's user define set item function. A specially-crafted file can lead to remote...

CVE-2022-24042

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The web application returns an AuthToken that does not expire at the defined auto...

Qualcomm多款产品 授权问题漏洞

The Qualcomm QCA chip and Qualcomm AQT1000 are both products of Qualcomm Incorporated Qualcomm.The Qualcomm QCA chip is a Bluetooth module chip.The Qualcomm AQT1000 is a highly stripped down version of the WCD9341 Aqstic audio codec.The Qualcomm AQT1000 is a highly stripped down version of the...

CVE-2021-38869

IBM QRadar SIEM 7.3, 7.4, and 7.5 in some situations may not automatically log users out after they exceede their idle timeout. IBM X-Force ID: 208341...

CVE-2021-38869

IBM QRadar SIEM 7.3, 7.4, and 7.5 in some situations may not automatically log users out after they exceede their idle timeout. IBM X-Force ID: 208341...

Code injection

IBM QRadar SIEM 7.3, 7.4, and 7.5 in some situations may not automatically log users out after they exceede their idle timeout. IBM X-Force ID: 208341...

CVE-2021-38869

IBM QRadar SIEM 7.3, 7.4, and 7.5 in some situations may not automatically log users out after they exceede their idle timeout. IBM X-Force ID: 208341...

IBM QRadar SIEM Authorization Issue Vulnerability (CNVD-2022-34988)

IBM QRadar SIEM is an IBM USA solution that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, and more. An authorization...

polkit security update

0.115-13.0.1.el85.2 - Increase timeout to avoid defunct processes Orabug: 26930744 0.115-13.el85.2 - necessary version bump due to build versioning - Resolves: CVE-2021-4115...

Unbreakable Enterprise kernel security update

4.14.35-2047.512.6 - Revert 'rds/ib: recover rds connection from stuck rx path' Rohit Nair Orabug: 34039271 - uek-rpm: update kABI lists for new symbols Saeed Mirzamohammadi Orabug: 33993774 4.14.35-2047.512.5 - netfilter: nftables: initialize registers in nftdochain Pablo Neira Ayuso Orabug:...

IBM QRadar SIEM 授权问题漏洞

IBM QRadar SIEM is an IBM USA solution that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, and more. An authorization...