CVE-2023-31196

Missing authentication for critical function in Wi-Fi AP UNIT allows a remote unauthenticated attacker to obtain sensitive information of the affected products. Affected products and versions are as follows: AC-PD-WAPU v1.05B04 and earlier, AC-PD-WAPUM v1.05B04 and earlier, AC-PD-WAPU-P v1.05B04P...

CVE-2023-31196

CVE-2023-31196: Missing authentication for a critical function in Inaba Denki Sangyo Wi‑Fi AP UNIT enables remote, unauthenticated access to sensitive information. Affected devices and versions include AC-PD-WAPU/AC-WAPU-P/AC-WAPUM and WAPU-WAPUM series (1.05_B04 or earlier; with P variants 1.05_...

CVE-2023-31198

OS command injection vulnerability exists in Wi-Fi AP UNIT allows. If this vulnerability is exploited, a remote authenticated attacker with an administrative privilege to execute an arbitrary OS command. Affected products and versions are as follows: AC-PD-WAPU v1.05B04 and earlier, AC-PD-WAPUM...

CVE-2023-31198

OS command injection vulnerability exists in Wi-Fi AP UNIT allows. If this vulnerability is exploited, a remote authenticated attacker with an administrative privilege to execute an arbitrary OS command. Affected products and versions are as follows: AC-PD-WAPU v1.05B04 and earlier, AC-PD-WAPUM...

Multiple vulnerabilities in Inaba Denki Sangyo Wi-Fi AP UNIT

Overview Wi-Fi AP UNIT provided by Inaba Denki Sangyo Co., Ltd. contains multiple vulnerabilities listed below. Missing authentication for critical function CWE-306 - CVE-2023-31196 OS command injection CWE-78 - CVE-2023-31198 OS command injection CWE-78 - CVE-2023-28392 MASAHIRO IIDA of LAC Co.,...

JVN#28412757: Multiple vulnerabilities in Inaba Denki Sangyo Wi-Fi AP UNIT

Wi-Fi AP UNIT provided by Inaba Denki Sangyo Co., Ltd. contains multiple vulnerabilities listed below. Missing authentication for critical function CWE-306 - CVE-2023-31196 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N| Base Score: 7.5 CVSS v2|...

Behind the Screen: Three Vulnerabilities in RenderDoc

The Qualys Threat Research Unit TRU has discovered three vulnerabilities in RenderDoc. This blog will delve into the details of these three newly discovered vulnerabilities found within RenderDocs implementation. As part of our ongoing commitment to safeguard digital assets and strengthen...

CVE-2023-20746

In vcu, there is a possible out of bounds write due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519142; Issue ID: ALPS07519217...

MediaTek 芯片 资源管理错误漏洞

MediaTek chips are a variety of chips from MediaTek, a Chinese company MediaTek. A security vulnerability exists in the vcu module of the MediaTek chips, which is caused by a logic error and can potentially be used after free...

Qualcomm Chipsets 缓冲区错误漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. The Qualcomm Chipsets have a security vulnerability that stems from memory corruption in the automobile GPU when querying the gsl memory node...

MediaTek 芯片 安全漏洞

MediaTek chips are a variety of chips from MediaTek, a Chinese company called MediaTek. A security vulnerability exists in the vcu module of the MediaTek chips, which is caused by incorrect locking and possible out-of-bounds writes...

PT-2023-18331 · Qualcomm · 315 5G Iot Modem Firmware +155

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue involves memory corruption in the GPU subsystem. This corruption occurs due to arbitrary command execution from the GPU when it is operating i...

CVE-2023-28469

An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Valhall r29p0 through r42p0 before r43p0, and Arm's GPU Architecture Gen5 r41p0 through r42p0 before r43p0...

ARM Mali GPU Kernel Driver 安全漏洞

ARM Mali GPU Kernel Driver is a driver for a graphics processor unit from ARM UK. A security vulnerability exists in the ARM Mali GPU Kernel Driver that originates from an unprivileged user being able to perform incorrect GPU processing operations to access freed memory...

PT-2023-22621 · Hopechart · Hopechart Hqt-401 Telematics Unit

Name of the Vulnerable Software and Affected Versions: HopeChart HQT-401 telematics unit version 201808021036 HopeChart HQT-401 telematics unit versions prior to the fixed version fixed version not specified Description: Insufficient authentication in the MQTT backend allows an attacker to access...

MQTT 授权问题漏洞

MQTT Message Queuing Telemetry Transport is an ISO standard ISO/IEC PRF 20922 based on the Publish/Subscribe paradigm of messaging protocols, which works on the TCP/IP family of protocols, and is designed for remote devices with low hardware performance and poor network conditions. It works on th...

RomCom RAT Using Deceptive Web of Rogue Software Sites for Covert Attacks

The threat actors behind RomCom RAT are leveraging a network of fake websites advertising rogue versions of popular software at least since July 2022 to infiltrate targets. Cybersecurity firm Trend Micro is tracking the activity cluster under the name Void Rabisu, which is also known as Tropical...

RomCom RAT Using Deceptive Web of Rogue Software Sites for Covert Attacks

The threat actors behind RomCom RAT are leveraging a network of fake websites advertising rogue versions of popular software at least since July 2022 to infiltrate targets. Cybersecurity firm Trend Micro is tracking the activity cluster under the name Void Rabisu, which is also known as Tropical...

CVE-2023-31609

An issue in the dfeunitcolloci component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

CVE-2023-28367

Cross-site scripting vulnerability in CTA post function of VK All in One Expansion Unit 9.88.1.0 and earlier allows a remote authenticated attacker to inject an arbitrary script...