PT-2025-32119 · Unknown · Lte Network

Name of the Vulnerable Software and Affected Versions: LTE network affected versions not specified Description: A transient Denial-of-Service DoS condition can occur while processing a random-access response RAR containing an invalid Protocol Data Unit PDU length on an LTE network. A PDU is a uni...

SUSE-SU-2023:3868-1 Security update for SUSE Manager Client Tools

This update fixes the following issues: golang-github-lusitaniae-apacheexporter: - Security issues fixed: CVE-2022-32149: Fix denial of service vulnerability bsc1204501 CVE-2022-41723: Fix uncontrolled resource consumption bsc1208270 CVE-2022-46146: Fix authentication bypass vulnarability...

SAMSUNG Exynos Resource Management Error Vulnerability

SAMSUNG Exynos is a SoC, Arm architecture based processor developed and manufactured by Samsung Mobile, a South Korean company. A resource management error vulnerability exists in the SAMSUNG Exynos 2200, which stems from allowing a double release of the GPU...

PT-2023-28367 · Samsung · Exynos 2200

Name of the Vulnerable Software and Affected Versions: Samsung Mobile Processor Exynos 2200 Description: The issue allows a GPU Use After Free. There is no information provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was...

[SECURITY] Fedora 39 Update: rubygem-actionpack-7.0.7.2-1.fc39

Eases web-request routing, handling, and response as a half-way front, half-way page controller. Implemented with specific emphasis on enabling easy unit/integration testing that doesn't require a browser...

PT-2023-36008 · Git +1 · Libavc

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a null-dereference read crash. Technical details about the crash include the functions isvcd parse inter slice data cavlc enh lyr...

CVE-2023-40218

An issue was discovered in the NPU kernel driver in Samsung Exynos Mobile Processor 9820, 980, 2100, 2200, 1280, and 1380. An integer overflow can bypass detection of error cases via a crafted application...

CVE-2023-25519

NVIDIA ConnectX Host Firmware for the BlueField Data Processing Unit contains a vulnerability where a restricted host may cause an incorrect user management error. A successful exploit of this vulnerability may lead to escalation of privileges...

CVE-2023-25519

CVE-2023-25519 affects NVIDIA’s ConnectX Host Firmware for the BlueField Data Processing Unit. The issue, described as a restricted-host induced incorrect user-management error, can lead to privilege escalation if exploited. The in-field impact is consistent with a total impact on confidentiality...

CVE-2023-25519

NVIDIA ConnectX Host Firmware for the BlueField Data Processing Unit contains a vulnerability where a restricted host may cause an incorrect user management error. A successful exploit of this vulnerability may lead to escalation of privileges...

SUSE CVE-2023-41910

An issue was discovered in lldpd before 1.0.17. By crafting a CDP PDU packet with specific CDPTLVADDRESSES TLVs, a malicious actor can remotely force the lldpd daemon to perform an out-of-bounds read on heap memory. This occurs in cdpdecode in daemon/protocols/cdp.c...

Potential Out-of-Bounds Error When Modifying Ranges

Lines of code Vulnerability details The method allows for the modification of a range based on an index. However, there's no explicit check to ensure that the provided indexToModify is within the bounds of the ranges array. If an out-of-bounds index is provided, the method will throw a generic...

PT-2023-20131 · Nvidia · Nvidia Connectx Host Firmware

Name of the Vulnerable Software and Affected Versions: NVIDIA ConnectX Host Firmware for the BlueField Data Processing Unit affected versions not specified Description: The issue is related to a vulnerability in the NVIDIA ConnectX Host Firmware for the BlueField Data Processing Unit, where a...

Security Bulletin: NVIDIA BlueField Data Processing Unit - September 2023

NVIDIA has released a firmware update for the NVIDIA BlueField Data Processing Unit. This update addresses security issues that may lead to escalation of privileges. To protect your system, download and install this firmware update from the NVIDIA Networking Support page. Go to NVIDIA Product...

Qualys Tackles 2022’s Top Routinely Exploited Cyber Vulnerabilities

A unified front against malicious cyber actors is climactic in the ever-evolving cybersecurity landscape. The joint Cybersecurity Advisory CSA, a collaboration between leading cybersecurity agencies from the United States, Canada, United Kingdom, Australia, and New Zealand, is a critical guide to...

CVE-2023-3262

The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier uses hard-coded credentials for all interactions with the internal Postgres database.A malicious agent with the ability to execute operating system commands on the device can leverage this vulnerability to read, modify, or...

Dataprobe OS Command Injection Vulnerability

Dataprobe is a series of intelligent power switch and management products from Dataprobe, Inc. in the United States. Dataprobe iBoot PDU 1.43.03312023 and earlier versions suffer from an operating system command injection vulnerability that stems from an attack that is prone to command injection...

Dataprobe OS Command Injection Vulnerability

Dataprobe is a family of intelligent power switches and management products from Dataprobe, Inc. in the United States. An operating system command injection vulnerability exists in Dataprobe iBoot PDU version 1.43.03312023 and prior versions, which stems from a buffer overflow contained in the...

Intel NUC Security Vulnerability

The Intel NUC is a small minicomputer from Intel Corporation USA. A security vulnerability exists in the IntelR NUCs BIOS firmware. An attacker could exploit the vulnerability to obtain sensitive information...

Risk Fact #2: Weaponized Vulnerabilities Cloud Security Research Risk Fact

Qualys Blog Series – 2023 TotalCloud Security Insights by the Threat Research Unit The 2023 TotalCloud Security Insights report from the Qualys Threat Research Unit TRU provides research insights, best practices, and detailed recommendations organized by five separate Risk Facts. The insights wil...