CVE-2024-0390

CVE-2024-0390 affects INPRAX iZZi connect for Android. The vulnerability stems from hard-coded MQTT queue credentials used by the iZZi connect app and the associated recuperation devices, enabling unauthorized access to read and manage parameters of the reQnet iZZi unit. Affected versions are pri...

INPRAX iZZi Trust Management Issues Vulnerabilities

INPRAX iZZi is an application from INPRAX Corporation. A security vulnerability exists in versions prior to INPRAX iZZi 2024010401 that stems from the inclusion of hard-coded queue credentials that could allow unauthorized access to manage and read recovery unit parameters...

AMD GPU Memory Leak Advisory - Lenovo Support US

No description provided...

PT-2024-13557 · Unknown · Contiki-Ng

Name of the Vulnerable Software and Affected Versions: Contiki-NG affected versions not specified Description: An out-of-bounds write exists in the driver for IEEE 802.15.4 radios on nRF platforms in the Contiki-NG operating system. The issue is triggered when parsing radio frames in the read fra...

ARM Valhall GPU Kernel Driver and Bifrost GPU Kernel Driver Resource Management Error Vulnerability

ARM Bifrost GPU Kernel Driver and Valhall GPU Kernel Driver are both products of ARM UK.Bifrost GPU Kernel Driver is a Bifrost GPU Kernel Driver.Valhall GPU Kernel Driver is an ARM Bifrost GPU Kernel Driver. Valhall GPU Kernel Driver is a Valhall GPU kernel driver. A security vulnerability exists...

Mispadu Stealer’s New Variant Targets Browser Data of Mexican Users

By Waqas The new variant of Mispadu Stealer was discovered by Palo Alto's Unit 42 researchers while investigating the Windows Defender SmartScreen vulnerability. This is a post from HackRead.com Read the original post: Mispadu Stealers New Variant Targets Browser Data of Mexican Users...

The vulnerability in the PMRChangeSparseMemOSMem driver of the PowerVR GPU graphics processing unit in Android and ChromeOS operating systems allows attackers to escalate their privileges.

The vulnerability of the PMRChangeSparseMemOSMem driver in the PowerVR GPU graphics processing subsystem for Android and ChromeOS systems stems from the execution of operations outside of the buffer boundaries in memory. Exploiting this vulnerability can allow attackers to gain increased privileg...

The vulnerability of the Energy Communication Unit (ECU-C) software, related to deficiencies in access control to the password reset code, allows a intruder to execute arbitrary codes.

The vulnerability of the Energy Communication Unit ECU-C control software is related to deficiencies in access control for password reset code. Exploiting this vulnerability allows a remote attacker to execute arbitrary codes...

kernel: out-of-bounds write in qfq_change_class function

An out-of-bounds memory access flaw was found in the Linux kernel’s traffic control QoS subsystem in how a user triggers the qfqchangeclass function with an incorrect MTU value of the network device used as lmax. This flaw allows a local user to crash or potentially escalate their privileges on t...

kernel: IGB driver inadequate buffer size for frames larger than MTU

A flaw was found in igbconfigurerxring in drivers/net/ethernet/intel/igb/igbmain.c in the IGB driver in the Linux kernel. An overflow of the contents from a packet that is too large will overflow into the kernel's ring buffer, leading to a system integrity issue...

Honeywell UOC Security Vulnerability

Honeywell UOC is a unit operation controller from Honeywell USA. A security vulnerability exists in the Honeywell UOC that stems from allowing a file to be written that could result in unexpected behavior based on configuration changes or file updates...

PT-2024-1408 · Honeywell · Honeywell Experion Controledge Virtualuoc +1

Name of the Vulnerable Software and Affected Versions: Honeywell Experion ControlEdge VirtualUOC and ControlEdge UOC affected versions not specified Description: The issue is related to the use of dangerous methods or functions in the Configuration Handler component of the Honeywell Experion...

The vulnerability in Intel NUC’s built-in software, related to errors in processing input data, allows attackers to exploit their privileges.

The vulnerability of Intel NUC’s built-in software is related to errors in processing input data. Exploiting this vulnerability can allow attackers to gain increased privileges...

CVE-2024-23871

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/unitofmeasurementmodify.php, in the description parameter. Exploitation of this...

CVE-2024-23861

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/unitofmeasurementcreate.php, in the unitofmeasurementid parameter. Exploitation of...

PT-2024-20140 · Cups Easy · Cups Easy

Name of the Vulnerable Software and Affected Versions: Cups Easy Purchase & Inventory version 1.0 Description: A vulnerability has been reported in Cups Easy Purchase & Inventory whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via...

Cups Easy Cross-Site Scripting Vulnerability

Cups Easy is a PHP-based purchasing and inventory software that may become a full-fledged ERP in the future. A cross-site scripting vulnerability exists in Cups Easy version 1.0, which stems from insufficient escaping of the description parameter on the /cupseasylive/unitofmeasurementmodify.php...

kernel: IGB driver inadequate buffer size for frames larger than MTU

A flaw was found in igbconfigurerxring in drivers/net/ethernet/intel/igb/igbmain.c in the IGB driver in the Linux kernel. An overflow of the contents from a packet that is too large will overflow into the kernel's ring buffer, leading to a system integrity issue...

kernel: IGB driver inadequate buffer size for frames larger than MTU

A flaw was found in igbconfigurerxring in drivers/net/ethernet/intel/igb/igbmain.c in the IGB driver in the Linux kernel. An overflow of the contents from a packet that is too large will overflow into the kernel's ring buffer, leading to a system integrity issue...

kernel: IGB driver inadequate buffer size for frames larger than MTU

A flaw was found in igbconfigurerxring in drivers/net/ethernet/intel/igb/igbmain.c in the IGB driver in the Linux kernel. An overflow of the contents from a packet that is too large will overflow into the kernel's ring buffer, leading to a system integrity issue...